Tagged: feeds

Thumbnail 0

FTC Details the Top 10 Imposter Scams of 2014

Original release date: March 02, 2015 The Federal Trade Commission (FTC) has released an advisory describing the top 10 reported imposter scams for 2014. Scam operators often impersonate individuals, companies, and organizations to entice targets to participate in fraudulent financial transactions

Cisco IPv6 Denial of Service Vulnerability 0

Cisco IPv6 Denial of Service Vulnerability

Original release date: February 25, 2015 Cisco has identified a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service condition. The vulnerability is due to improper processing of malformed IPv6 packets carrying extension headers. Cisco Network Convergence System 6000 (NCS 6000) and Cisco Carrier Routing System X (CRS-X) running an affected version of Cisco IOS XR Software are affected by this vulnerability

Samba Remote Code Execution Vulnerability 0

Samba Remote Code Execution Vulnerability

Original release date: February 24, 2015 Linux and Unix based operating systems employing Samba versions 3.5.0 through 4.2.0rc4 contain a vulnerability in the Server Message Block daemon (smbd). Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. US-CERT recommends users and administrators refer to their respective Linux OS vendor(s) for an appropriate patch if affected

Lenovo Computers Vulnerable to HTTPS Spoofing 0

Lenovo Computers Vulnerable to HTTPS Spoofing

Original release date: February 20, 2015 Lenovo consumer personal computers employing the pre-installed Superfish Visual Discovery software contain a critical vulnerability through a compromised root CA certificate. Exploitation of this vulnerability could allow a remote attacker to read all encrypted web browser traffic (HTTPS), successfully impersonate (spoof) any website, or perform other attacks on the affected system. US-CERT recommends users and administrators review Vulnerability Note VU#529496 and US-CERT Alert TA15-051A for additional information and mitigation details

TA15-051A: Lenovo “Superfish” Adware Vulnerable to HTTPS Spoofing 0

TA15-051A: Lenovo “Superfish” Adware Vulnerable to HTTPS Spoofing

Original release date: February 20, 2015 Systems Affected Lenovo consumer PCs that have Superfish VisualDiscovery installed and potentially others. Overview “Superfish” adware installed on some Lenovo PCs install a non-unique trusted root certification authority (CA) certificate, allowing an attacker to spoof HTTPS traffic. Description Starting in as early as 2010, Lenovo has pre-installed Superfish VisualDiscovery spyware on some of their PCs.

IC3 Releases Alert for a Scam Targeting Businesses 0

IC3 Releases Alert for a Scam Targeting Businesses

Original release date: January 24, 2015 The Internet Crime Complaint Center (IC3) has released an alert warning companies of a sophisticated wire payment scam dubbed the Business E-mail Compromise. Scammers use fraudulent information to trick companies into directing financial transactions into accounts they control.