Cisco Secure Access Control Systems (ACS) contains a vulnerability that could allow an unauthenticated, remote attacker to bypass the TACACS+ based authentication service offered by the product.Cisco has released software updates that address this vulnerability.US-CERT encourages users and…
The Standard Traveler scam is a computer program that hacks the victims’ emails. Then, it asks the contacts for money: Hello, Just writing to let you know our trip to Manila Philippines has been a mess. I was having a great time until last night when we got mugged and lost all my cash, credit…
Google has released Google Chrome 23.0.1271.64 for Windows, Macintosh, Linux, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code.US-CERT encourages users and administrators to review the Google Chrome Release blog entry and…
Adobe has released security updates for Adobe Flash Player. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.Secure updates are available for the following versions of Adobe Flash Player:Adobe Flash Player…
Cisco Prime Data Center Network Manager (DCNM) contains a remote command execution vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary commands on the computer that is running the Cisco Prime DCNM application.Cisco has released software updates that address this…
Adobe has released a security bulletin to address multiple vulnerabilities in Adobe Shockwave Player 11.6.7.637 and earlier versions for Windows and Macintosh. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code.US-CERT encourages users and administrators to review…
HARRISBURG, PA — Attorney General Linda Kelly today urged Pennsylvania consumers who use e-books to carefully review information about proposed settlements between state attorneys general and several of the nation’s largest publishing companies. Kelly said the settlements, which are currently…
Adobe has released a security bulletin for Adobe Flash Player to address multiple vulnerabilities. These vulnerabilities affect Adobe Flash Player 11.4.402.278 and earlier versions for Windows, Adobe Flash Player 11.4.402.265 and earlier versions for Macintosh, Adobe Flash Player 11.2.202.238 and…
Microsoft has released updates to address vulnerabilities in Microsoft Windows, SQL Server, Server Software, Office, and Lync as part of the Microsoft Security Bulletin summary for October 2012. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service…
Adobe has released a security bulletin to address an issue with a current Adobe code signing certificate. The certificate to be revoked has been used to sign malicious code. The certificate will be revoked on October 4, 2012 for all software code signed after July 10, 2012. Adobe is issuing a new…
US-CERT is aware of recent increases in the exploitation of known vulnerabilities in web content management systems (CMSs) such as Wordpress and Joomla. Compromised CMS installations can be used to host malicious content.US-CERT recommends that users and administrators ensure that their CMS…