Adobe has released a security bulletin to address an issue with a current Adobe code signing certificate. The certificate to be revoked has been used to sign malicious code. The certificate will be revoked on October 4, 2012 for all software code signed after July 10, 2012. Adobe is issuing a new…
US-CERT is aware of recent increases in the exploitation of known vulnerabilities in web content management systems (CMSs) such as Wordpress and Joomla. Compromised CMS installations can be used to host malicious content.US-CERT recommends that users and administrators ensure that their CMS…
Microsoft has released Security Advisory 2757760 to address a vulnerability in Microsoft Internet Explorer 6, 7 , 8, and 9. This vulnerability may allow an attacker to execute arbitrary code if a user accesses specially crafted HTML documents (e.g., a web page or an HTML email message or…
FTC Extends Deadline to Comment on Proposed Modifications to the Children’s Online Privacy Protection Rule Until September 24, 2012 Page summary: The Federal Trade Commission (FTC) will extend until September 24, 2012, the deadline for commenting on additional proposed modifications to the…
Microsoft has released updates to address vulnerabilities in Microsoft Development Tools and Server Software as part of the Microsoft Security Bulletin summary for September 2012. These vulnerabilities may allow an attacker to operate with elevated privileges.US-CERT encourages users and…
Malware is malicious software that a user unwittingly installs on their computer. Malware can disrupt computer operations, capture every keystroke, destroy data, gather usernames and passwords, acquire your address book and email addresses, or gain access to private networks. “McAfee has…
Do not allow Internet Explorer to store passwords for you Stored passwords allow anyone who can access your machine to log in to your web accounts as you. In addition, there are numerous utilities that can expose that hidden information and actually reveal the password. If you’ve reused that…
US-CERT is aware of multiple malware campaigns impersonating multiple U.S. government agencies, including the United States Cyber Command (USCYBERCOM) and the Federal Bureau of Investigation (FBI). Once installed on a system, the malware displays a screen claiming that a Federal Government agency…
US-CERT has released Vulnerability Note VU#636312 to address a vulnerability in Oracle Java Runtime Environment (JRE) 1.7. This vulnerability may allow an attacker to execute arbitrary code on a vulnerable system.US-CERT encourages users and administrators to review Vulnerability Note VU#636312.…
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, Office, SQL Server, Server Software, Developer Tools, and Exchange Server as part of the Microsoft Security Bulletin summary for August 2012. These vulnerabilities may allow an attacker to execute…
Google Will Pay $22.5 Million to Settle FTC Charges it Misrepresented Privacy Assurances to Users of Apple’s Safari Internet Browser Privacy Settlement is the Largest FTC Penalty Ever for Violation of a Commission Order Google Inc. has agreed to pay a record $22.5 million civil penalty to settle…