1-855-474-1700 - Call Now to Speak to a Client Account Manager
1-855-474-1700

Cyber Security Updates


CISA Current Activity https://www.us-cert.gov/ncas/current-activity.xml A regularly updated summary of the most frequent, high-impact security incidents currently being reported to the US-CERT. en VMware Releases Security Updates for Multiple Products https://www.us-cert.gov/ncas/current-activity/2019/09/20/vmware-releases-security-updates-multiple-products Original release date: September 20, 2019<br/><p>VMware has released security updates to address vulnerabilities&nbsp;affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.</p> <p>The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisory <a href="https://www.vmware.com/security/advisories/VMSA-2019-0014.html">VMSA-2019-0014</a> and apply the necessary updates.</p> <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p class="privacy-and-terms">This product is provided subject to this <a href="https://www.us-cert.gov/privacy/notification">Notification</a> and this <a href="https://www.dhs.gov/privacy-policy">Privacy &amp; Use</a> policy.</p> </div> Fri, 20 Sep 2019 17:37:44 +0000 CISA 12897 at https://www.us-cert.gov CISA Releases Four New Insights Products https://www.us-cert.gov/ncas/current-activity/2019/09/20/cisa-releases-four-new-insights-products Original release date: September 20, 2019<br/><p>The Cybersecurity and Infrastructure Security Agency (CISA) has released four new CISA Insights products informed by U.S. intelligence and real-world events. Each of the following products provides a description of the threat, lessons learned, recommendations, and additional relevant resources:</p> <ul> <li><a href="https://www.cisa.gov/sites/default/files/publications/CISAInsights-Cyber-MitigateDNSInfrastructureTampering_S508C.pdf">Mitigate DNS Infrastructure Tampering</a></li> <li><a href="https://www.cisa.gov/sites/default/files/publications/CISAInsights-Cyber-RemediateVulnerabilitiesforInternetAccessibleSystems_S508C.pdf">Remediate Vulnerabilities for Internet-Accessible Systems</a></li> <li><a href="https://www.cisa.gov/sites/default/files/publications/CISAInsights-Cyber-SecureHighValueAssets_S508C.pdf">Secure High Value Assets</a></li> <li><a href="https://www.cisa.gov/sites/default/files/publications/CISAInsights-Cyber-EnhanceEmailandWebSecurity_S508C.pdf">Enhance Email and Web Security</a></li> </ul> <p>CISA urges organizations to review the updated <a href="https://www.cisa.gov/insights">CISA Insights page</a> and implement the recommendations.</p> <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p class="privacy-and-terms">This product is provided subject to this <a href="https://www.us-cert.gov/privacy/notification">Notification</a> and this <a href="https://www.dhs.gov/privacy-policy">Privacy &amp; Use</a> policy.</p> </div> Fri, 20 Sep 2019 14:22:45 +0000 CISA 12894 at https://www.us-cert.gov Google Releases Security Updates for Chrome https://www.us-cert.gov/ncas/current-activity/2019/09/19/google-releases-security-updates-chrome Original release date: September 19, 2019<br/><p>Google has released Chrome 77.0.3865.90 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker can exploit to take control of an affected system.</p> <p>The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the <a href="https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop_18.html">Chrome Release</a> and apply the necessary updates.</p> <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p class="privacy-and-terms">This product is provided subject to this <a href="https://www.us-cert.gov/privacy/notification">Notification</a> and this <a href="https://www.dhs.gov/privacy-policy">Privacy &amp; Use</a> policy.</p> </div> Thu, 19 Sep 2019 13:47:22 +0000 CISA 12892 at https://www.us-cert.gov VMware Releases Security Updates for Multiple Products https://www.us-cert.gov/ncas/current-activity/2019/09/17/vmware-releases-security-updates-multiple-products Original release date: September 17, 2019<br/><p>VMware has released security updates to address vulnerabilities&nbsp;in ESXi and vCenter. An attacker could exploit some of these vulnerabilities to take control of an affected system.</p> <p>The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisory <a href="https://www.vmware.com/security/advisories/VMSA-2019-0013.html">VMSA-2019-0013</a> and apply the necessary updates and workarounds.</p> <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p class="privacy-and-terms">This product is provided subject to this <a href="https://www.us-cert.gov/privacy/notification">Notification</a> and this <a href="https://www.dhs.gov/privacy-policy">Privacy &amp; Use</a> policy.</p> </div> Tue, 17 Sep 2019 15:06:04 +0000 CISA 12885 at https://www.us-cert.gov 2019 CWE Top 25 Most Dangerous Software Errors https://www.us-cert.gov/ncas/current-activity/2019/09/17/2019-cwe-top-25-most-dangerous-software-errors Original release date: September 17, 2019<br/><p>MITRE has released the 2019 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Errors list. The Top 25 is a compilation of the most frequent and critical errors that can lead to serious vulnerabilities in software. An attacker can often exploit these vulnerabilities to take control of an affected system, obtain sensitive information, or cause a denial-of-service condition.</p> <p>The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the <a href="https://cwe.mitre.org/top25/archive/2019/2019_cwe_top25.html">Top 25 list</a> and evaluate recommended mitigations to determine those most suitable to adopt.</p> <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p class="privacy-and-terms">This product is provided subject to this <a href="https://www.us-cert.gov/privacy/notification">Notification</a> and this <a href="https://www.dhs.gov/privacy-policy">Privacy &amp; Use</a> policy.</p> </div> Tue, 17 Sep 2019 14:30:54 +0000 CISA 12881 at https://www.us-cert.gov Intel Releases Security Updates https://www.us-cert.gov/ncas/current-activity/2019/09/10/intel-releases-security-updates Original release date: September 10, 2019<br/><p>Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit&nbsp;one of these vulnerabilities to gain an escalation of privileges on a previously infected machine.</p> <p>The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Intel's Security Advisories <a href="https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00290.html">INTEL-SA-00290</a> and <a href="https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00285.html">INTEL-SA-00285</a> and apply the necessary updates.</p> <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p class="privacy-and-terms">This product is provided subject to this <a href="https://www.us-cert.gov/privacy/notification">Notification</a> and this <a href="https://www.dhs.gov/privacy-policy">Privacy &amp; Use</a> policy.</p> </div> Wed, 11 Sep 2019 00:45:17 +0000 CISA 12859 at https://www.us-cert.gov Google Releases Security Updates for Chrome https://www.us-cert.gov/ncas/current-activity/2019/09/10/google-releases-security-updates-chrome Original release date: September 10, 2019<br/><p>Google has released Chrome version 77.0.3865.75 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker could exploit to take control of an affected system.</p> <p>The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the <a href="https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html">Chrome Release</a> and apply the necessary updates.</p> <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p class="privacy-and-terms">This product is provided subject to this <a href="https://www.us-cert.gov/privacy/notification">Notification</a> and this <a href="https://www.dhs.gov/privacy-policy">Privacy &amp; Use</a> policy.</p> </div> Tue, 10 Sep 2019 23:25:40 +0000 CISA 12856 at https://www.us-cert.gov MS-ISAC Releases Security Event Primer on Malware https://www.us-cert.gov/ncas/current-activity/2019/09/10/ms-isac-releases-security-event-primer-malware Original release date: September 10, 2019<br/><p>The Multi-State Information Sharing &amp; Analysis Center (MS-ISAC) has released a Security Event Primer on Malware. The white paper outlines general malware operations and includes common malware event types and best practice recommendations. An attacker can use malware to gain access to a network, obtain sensitive data, and damage systems.</p> <p>The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review MS-ISAC’s White Paper: <a href="https://www.cisecurity.org/white-papers/security-event-primer-malware/ ">Security Event Primer – Malware</a>, see CISA’s Tip on <a href="https://www.us-cert.gov/ncas/tips/ST18-271">Protecting Against Malicious Code</a>, and implement the recommended best practices.</p> <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p class="privacy-and-terms">This product is provided subject to this <a href="https://www.us-cert.gov/privacy/notification">Notification</a> and this <a href="https://www.dhs.gov/privacy-policy">Privacy &amp; Use</a> policy.</p> </div> Tue, 10 Sep 2019 18:01:29 +0000 CISA 12855 at https://www.us-cert.gov Microsoft Releases September 2019 Security Updates https://www.us-cert.gov/ncas/current-activity/2019/09/10/microsoft-releases-september-2019-security-updates Original release date: September 10, 2019<br/><p>Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.</p> <p>The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s September 2019 <a href="https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/24f46f0a-489c-e911-a994-000d3a33c573">Security Update Summary</a> and <a href="https://support.microsoft.com/en-us/help/20190910/security-update-deployment">Deployment Information</a> and apply the necessary updates.</p> <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p class="privacy-and-terms">This product is provided subject to this <a href="https://www.us-cert.gov/privacy/notification">Notification</a> and this <a href="https://www.dhs.gov/privacy-policy">Privacy &amp; Use</a> policy.</p> </div> Tue, 10 Sep 2019 17:43:18 +0000 CISA 12854 at https://www.us-cert.gov Adobe Releases Security Updates https://www.us-cert.gov/ncas/current-activity/2019/09/10/adobe-releases-security-updates Original release date: September 10, 2019<br/><p>Adobe has released security updates to address vulnerabilities affecting Flash Player and Application Manager. An attacker could exploit these vulnerabilities to take control of an affected system.</p> <p>The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Adobe Security Bulletins <a href="https://helpx.adobe.com/security/products/application_manager/apsb19-45.html ">APSB19-45</a> and <a href="https://helpx.adobe.com/security/products/flash-player/apsb19-46.html ">APSB19-46</a> and apply the necessary updates.</p> <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p class="privacy-and-terms">This product is provided subject to this <a href="https://www.us-cert.gov/privacy/notification">Notification</a> and this <a href="https://www.dhs.gov/privacy-policy">Privacy &amp; Use</a> policy.</p> </div> Tue, 10 Sep 2019 17:14:51 +0000 CISA 12852 at https://www.us-cert.gov