The US-CERT National Cyber Awareness System sent out a notification yesterday and revised it today, May 21st entitled “TA13-141A: Washington, DC Radio Station Web Site Compromises”. The document outlines that on May 16th US-CERT was informed that two websites www.federalnewsradio-dot-com and www.wtop-dot-com had been compromised and that redirects had been put in place that would send Internet Explorer users to …
Oracle Java vulnerabilities – This is not a repeat
Nothing more to say here… JAVA is full of holes it might seem. ALL systems, including Apple Mac, Microsoft Windows, Windows Server, Linux, that are running Java may be vulnerable. Here’s the latest US-CERT Alert for February 20th in its entirety. — —–BEGIN PGP SIGNED MESSAGE—– Hash: SHA1 National Cyber Awareness System US-CERT Alert TA13-051A Oracle Java Multiple Vulnerabilities Original …
2
Homeland Security advises disabling or uninstalling Java – With good reason…
This week, the Department of Homeland Security suggested disabling or uninstalling Java based on a CERT publication where they announced Java 7 fails to restrict access to privileged code. That original posting has been updated as recently as today, January 12, 2013. What does it all mean? Well, in a nutshell, if you have the vulnerable version of Java on your …
1
CERT releases Cyber Security Alert TA11-347A for Microsoft Updates…
National Cyber Alert System Technical Cyber Security Alert TA11-347A Microsoft Updates for Multiple Vulnerabilities Original release date: December 13, 2011 Last revised: — Source: US-CERT Systems Affected Microsoft Windows Microsoft Office Internet Explorer Overview There are multiple vulnerabilities in Microsoft Windows, Office, and Internet Explorer. Microsoft has released updates to address these vulnerabilities. I. Description The Microsoft Security Bulletin Summary for December …
Adobe Updates for Shockwave, Flash Media Server, Flash Player, AIR, Photoshop & RoboHelp
Running Adobe products? Of course you are! There are number of updates available that you need to apply. Please, if you are prompted to install these updates, do so. If not, make sure they are indeed installed, or better yet, just upgrade to the latest versions of the applications to avoid the potential for the vulnerabilities to be exploited… …
Secure IT Alert: CERT Issues Security Recommendations to Prevent Cyber Intrusions
Homeland Secure IT Alert for Wednesday, July 21st, 2011 The United States Computer Emergency Readiness Team has issued their recommendations for protection against network intrusions. I have included the entire document below, but the most current version of the document can be found here. Please keep in mind that these recommendations are not related to any one platform. These are …
SECURE IT ALERT: Microsoft vulnerability in DLL handling – Prepare thy self…
Homeland Secure IT Alert #3 for Thursday, August 26, 2010 Not to be outdone by the Apple Mac OS X security issues, Microsoft has a few new issues as well. This time regarding DLL handling. What follows is the original posting from US-CERT: — National Cyber Alert System Technical Cyber Security Alert TA10-238A Microsoft Windows Insecurely Loads Dynamic Libraries Original …
The latest Windows vulnerability is… The Engergizer DUO USB battery charger
While reading through CERT advisories, I came across an interesting one – a USB battery charger made by Energizer is vulnerable to a remote hacker who could gain access to your files and gain full control of your machine with administrator privileges. The solution is to uninstall the software. Read more at this blog: http://blogs.zdnet.com/security/?p=5602&tag=wrapper;col1