Security Vulnerability


Security Vulnerability

 

In computer security, a vulnerability is a weakness which allows an attacker to reduce a system’s information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw.  Below you will find Security Vulnerability feeds from Apple and Microsoft and many of the top security organizations.

 

 

 

  • Vuln: GNU glibc CVE-2018-11237 Local Buffer Overflow Vulnerability
    GNU glibc CVE-2018-11237 Local Buffer Overflow Vulnerability ... read more
    Source: Security FocusPublished on 2018-05-24
  • FBI Releases Article on Building a Digital Defense with Credit Reports
    Original release date: May 23, 2018FBI has released an article on using credit reports to build a digital defense against identify theft. FBI explains how identity theft can deal a devastating blow to consumers' credit history. However, regularly checking the accuracy of credit reports can help consumers minimize risk.NCCIC encourages ... read more
    Source: US-CERTPublished on 2018-05-23
  • VPNFilter Destructive Malware
    Original release date: May 23, 2018NCCIC is aware of a sophisticated modular malware system known as VPNFilter. Devices known to be affected by VPNFilter include Linksys, MikroTik, NETGEAR, and TP-Link networking equipment, as well as QNAP network-attached storage (NAS) devices. Devices compromised by VPNFilter may be vulnerable to the collection ... read more
    Source: US-CERTPublished on 2018-05-23
  • Vuln: Adobe Acrobat and Reader NT LAN Manager CVE-2018-4993 Information Disclosure Vulnerability
    Adobe Acrobat and Reader NT LAN Manager CVE-2018-4993 Information Disclosure Vulnerability ... read more
    Source: Security FocusPublished on 2018-05-23
  • Tragedy-Related Scams
    Original release date: May 21, 2018In the wake of the recent Texas school shooting, NCCIC advises users to watch out for possible malicious cyber activity seeking to capitalize on this tragic event. Users should exercise caution in handling emails related to the shooting, even if they appear to originate from ... read more
    Source: US-CERTPublished on 2018-05-21
  • Mozilla Releases Security Update for Thunderbird
    Original release date: May 18, 2018Mozilla has released a security update to address vulnerabilities in Thunderbird. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.NCCIC encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 52.8 and apply the necessary update. ... read more
    Source: US-CERTPublished on 2018-05-19
  • ISC Releases Security Advisories for BIND
    Original release date: May 18, 2018The Internet Systems Consortium (ISC) has released updates that address vulnerabilities in versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition.NCCIC encourages users and administrators to review ISC Knowledge Base Articles AA-01602 and AA-01606 ... read more
    Source: US-CERTPublished on 2018-05-18