Original release date: March 02, 2015 The Federal Trade Commission (FTC) has released an advisory describing the top 10 reported imposter scams for 2014. Scam operators often impersonate individuals, companies, and organizations to entice targets to participate in fraudulent financial transactions
Original release date: February 25, 2015 Cisco has identified a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service condition. The vulnerability is due to improper processing of malformed IPv6 packets carrying extension headers. Cisco Network Convergence System 6000 (NCS 6000) and Cisco Carrier Routing System X (CRS-X) running an affected version of Cisco IOS XR Software are affected by this vulnerability
Original release date: February 24, 2015 Linux and Unix based operating systems employing Samba versions 3.5.0 through 4.2.0rc4 contain a vulnerability in the Server Message Block daemon (smbd). Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. US-CERT recommends users and administrators refer to their respective Linux OS vendor(s) for an appropriate patch if affected
Original release date: February 20, 2015 Lenovo consumer personal computers employing the pre-installed Superfish Visual Discovery software contain a critical vulnerability through a compromised root CA certificate. Exploitation of this vulnerability could allow a remote attacker to read all encrypted web browser traffic (HTTPS), successfully impersonate (spoof) any website, or perform other attacks on the affected system. US-CERT recommends users and administrators review Vulnerability Note VU#529496 and US-CERT Alert TA15-051A for additional information and mitigation details
Original release date: February 20, 2015 Systems Affected Lenovo consumer PCs that have Superfish VisualDiscovery installed and potentially others. Overview “Superfish” adware installed on some Lenovo PCs install a non-unique trusted root certification authority (CA) certificate, allowing an attacker to spoof HTTPS traffic. Description Starting in as early as 2010, Lenovo has pre-installed Superfish VisualDiscovery spyware on some of their PCs.
Original release date: February 18, 2015 The Internal Revenue Service (IRS) has issued a press release addressing a new spear phishing scam targeting tax preparers and other tax professionals.
Original release date: February 10, 2015 Microsoft has released updates to address vulnerabilities in Windows as part of the Microsoft Security Bulletin Summary for February 2015.
7 retweets 2 favorites
Original release date: January 24, 2015 The Internet Crime Complaint Center (IC3) has released an alert warning companies of a sophisticated wire payment scam dubbed the Business E-mail Compromise. Scammers use fraudulent information to trick companies into directing financial transactions into accounts they control.