In computer security, a vulnerability is a weakness which allows an attacker to reduce a system’s information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. Below you will find Security Vulnerability feeds from Apple and Microsoft and many of the top security organizations.
- Vuln: GNU glibc CVE-2018-11237 Local Buffer Overflow VulnerabilityGNU glibc CVE-2018-11237 Local Buffer Overflow Vulnerability ... read more
- FBI Releases Article on Building a Digital Defense with Credit ReportsOriginal release date: May 23, 2018FBI has released an article on using credit reports to build a digital defense against identify theft. FBI explains how identity theft can deal a devastating blow to consumers' credit history. However, regularly checking the accuracy of credit reports can help consumers minimize risk.NCCIC encourages ... read more
- VPNFilter Destructive MalwareOriginal release date: May 23, 2018NCCIC is aware of a sophisticated modular malware system known as VPNFilter. Devices known to be affected by VPNFilter include Linksys, MikroTik, NETGEAR, and TP-Link networking equipment, as well as QNAP network-attached storage (NAS) devices. Devices compromised by VPNFilter may be vulnerable to the collection ... read more
- Vuln: Adobe Acrobat and Reader NT LAN Manager CVE-2018-4993 Information Disclosure VulnerabilityAdobe Acrobat and Reader NT LAN Manager CVE-2018-4993 Information Disclosure Vulnerability ... read more
- Tragedy-Related ScamsOriginal release date: May 21, 2018In the wake of the recent Texas school shooting, NCCIC advises users to watch out for possible malicious cyber activity seeking to capitalize on this tragic event. Users should exercise caution in handling emails related to the shooting, even if they appear to originate from ... read more
- Mozilla Releases Security Update for ThunderbirdOriginal release date: May 18, 2018Mozilla has released a security update to address vulnerabilities in Thunderbird. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.NCCIC encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 52.8 and apply the necessary update. ... read more
- ISC Releases Security Advisories for BINDOriginal release date: May 18, 2018The Internet Systems Consortium (ISC) has released updates that address vulnerabilities in versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition.NCCIC encourages users and administrators to review ISC Knowledge Base Articles AA-01602 and AA-01606 ... read more