Follow Us on Twitter Bookmark & Share Subscribe to Feed

Welcome to Internet Security News

We bring you continuously updated cyber security news and analysis. Get direct alerts via our Twitter Feed @AttackWarning

Security Tips

  • ST14-001: Sochi 2014 Olympic Games
    Original release date: February 04, 2014 | Last revised: March 10, 2014OverviewWhether traveling to Sochi, Russia for the XXII Olympic Winter Games, or viewing the games from locations abroad, there are several cyber-relate…
    - 75 days ago, 4 Feb 14, 3:20pm -
  • ST13-003: Handling Destructive Malware
    Original release date: November 04, 2013Overview Destructive malware presents a direct threat to an organization’s daily operations, directly impacting the availability of critical assets and data. Organizations should i…
    - 4 Nov 13, 5:58pm -
  • 13-002: International Mobile Safety Tips
    Original release date: October 29, 2013 | Last revised: November 04, 2013October 29, 2013 marks the 4th Annual Asia Pacific Economic Cooperation Cyber Security Awareness Day. To recognize this occasion and in observance of…
    - 29 Oct 13, 5:32pm -
  • ST04-017: Protecting Portable Devices: Physical Security
    Original release date: December 19, 2011 | Last revised: February 06, 2013Many computer users, especially those who travel for business, rely on laptops and personal internet-enabled devices like smartphones and tablets because they are…
    - 19 Dec 11, 6:01pm -
  • ST11-001: Holiday Traveling with Personal Internet-Enabled Devices
    Original release date: December 19, 2011 | Last revised: February 06, 2013The internet is at our fingertips with the widespread use of internet-enabled devices such as smart phones and tablets. When traveling and shopping anytime, and es…
    - 19 Dec 11, 5:42pm -
  • ST05-017: Cybersecurity for Electronic Devices
    Original release date: December 19, 2011 | Last revised: February 06, 2013When you think about cybersecurity, remember that electronics such as smartphones and other internet-enabled devices may also be vulnerable to attack. Take appropr…
    - 19 Dec 11, 5:27pm -
  • ST06-001: Understanding Hidden Threats: Rootkits and Botnets
    Original release date: August 24, 2011 | Last revised: February 06, 2013Attackers are continually finding new ways to access computer systems. The use of hidden methods such as rootkits and botnets has increased, and you may be a victim…
    - 25 Aug 11, 2:41am -
  • ST04-024: Understanding ISPs
    Original release date: July 06, 2011 | Last revised: February 06, 2013ISPs offer services like email and internet access. In addition to availability, you may want to consider other factors so that you find an ISP that supports all of yo…
    - 6 Jul 11, 2:10pm -
  • ST06-005: Dealing with Cyberbullies
    Original release date: June 01, 2011 | Last revised: February 06, 2013Bullies are taking advantage of technology to intimidate and harass their victims. Dealing with cyberbullying can be difficult, but there are steps you can take.…
    - 1 Jun 11, 4:26pm -
  • ST05-002: Keeping Children Safe Online
    Original release date: May 18, 2011 | Last revised: February 06, 2013Children present unique security risks when they use a computer—not only do you have to keep them safe, you have to protect the data on your computer. By taking some…
    - 18 May 11, 11:33am -

Alerts

  • TA14-098A: OpenSSL 'Heartbleed' vulnerability (CVE-2014-0160)
    Original release date: April 08, 2014Systems AffectedOpenSSL 1.0.1 through 1.0.1fOpenSSL 1.0.2-betaOverviewA vulnerability in OpenSSL could allow a remote attacker to expose sensitive data, possibly including user authentication credentials and…
    - 12 days ago, 8 Apr 14, 12:46pm -
  • TA14-069A: Microsoft Ending Support for Windows XP and Office 2003
    Original release date: March 10, 2014 | Last revised: March 11, 2014Systems AffectedMicrosoft Windows XP with Service Pack 3 (SP3) Operating SystemMicrosoft Office 2003 ProductsOverviewMicrosoft is ending support for the Windows XP operating sy…
    - 41 days ago, 10 Mar 14, 2:56pm -
  • TA14-017A: UDP-based Amplification Attacks
    Original release date: January 17, 2014 | Last revised: March 07, 2014Systems AffectedCertain UDP protocols have been identified as potential attack vectors:DNSNTPSNMPv2NetBIOSSSDPCharGENQOTDBitTorrentKadQuake Network ProtocolSteam ProtocolOvervie…
    - 93 days ago, 17 Jan 14, 8:22pm -
  • TA14-013A: NTP Amplification Attacks Using CVE-2013-5211
    Original release date: January 13, 2014 | Last revised: February 05, 2014Systems AffectedNTP serversOverviewA Network Time Protocol (NTP) Amplification attack is an emerging form of Distributed Denial of Service (DDoS) that relies on the u…
    - 97 days ago, 13 Jan 14, 10:51pm -
  • TA14-002A: Malware Targeting Point of Sale Systems
    Original release date: January 02, 2014 | Last revised: February 05, 2014Systems AffectedPoint of Sale SystemsOverviewPoint of Sale SystemsWhen consumers purchase goods or services from a retailer, the transaction is processed through what…
    - 2 Jan 14, 8:48pm -
  • TA13-317A: Microsoft Updates for Multiple Vulnerabilities
    Original release date: November 13, 2013 | Last revised: November 16, 2013Systems AffectedWindows Operating System and ComponentsMicrosoft OfficeInternet ExplorerOverviewSelect Microsoft software products contain multiple vulnerabilities. Micro…
    - 13 Nov 13, 12:12pm -
  • TA13-309A: CryptoLocker Ransomware Infections
    Original release date: November 05, 2013 | Last revised: November 18, 2013Systems AffectedMicrosoft Windows systems running Windows 8, Windows 7, Vista, and XP operating systemsOverviewUS-CERT is aware of a malware campaign that surfaced i…
    - 5 Nov 13, 3:58pm -
  • TA13-288A: Microsoft Updates for Multiple Vulnerabilities
    Original release date: October 15, 2013Systems AffectedWindows Operating System and ComponentsMicrosoft .NET FrameworkMicrosoft Server SoftwareMicrosoft OfficeMicrosoft SilverlightInternet Explorer OverviewSelect Microsoft software produc…
    - 15 Oct 13, 8:06pm -
  • TA13-253A: Microsoft Updates for Multiple Vulnerabilities
    Original release date: September 10, 2013Systems AffectedWindows Operating System and ComponentsMicrosoft Server SoftwareMicrosoft OfficeInternet Explorer OverviewSelect Microsoft software products contain multiple vulnerabilities. Micros…
    - 10 Sep 13, 8:03pm -
  • TA13-225A: Microsoft Updates for Multiple Vulnerabilities
    Original release date: August 13, 2013 | Last revised: August 15, 2013Systems AffectedWindows Operating System and ComponentsMicrosoft Server SoftwareInternet ExplorerOverviewSelect Microsoft software products contain multiple vulnerabilities.…
    - 13 Aug 13, 5:23pm -

Security Bulletins

  • SB14-104: Vulnerability Summary for the Week of April 7, 2014
    Original release date: April 14, 2014The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the pas…
    - 7 days ago, 14 Apr 14, 10:09am -
  • SB14-097: Vulnerability Summary for the Week of March 31, 2014
    Original release date: April 07, 2014The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the pas…
    - 13 days ago, 7 Apr 14, 3:56pm -
  • SB14-090: Vulnerability Summary for the Week of March 24th, 2014
    Original release date: March 31, 2014The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the pas…
    - 20 days ago, 31 Mar 14, 12:09pm -
  • SB14-083: Vulnerability Summary for the Week of March 17, 2014
    Original release date: March 24, 2014The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the pas…
    - 27 days ago, 24 Mar 14, 2:19pm -
  • SB14-077: Vulnerability Summary for the Week of March 10, 2014
    Original release date: March 18, 2014The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the pas…
    - 33 days ago, 18 Mar 14, 11:38pm -
  • SB14-069: Vulnerability Summary for the Week of March 3, 2014
    Original release date: March 10, 2014The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the pas…
    - 41 days ago, 10 Mar 14, 3:23pm -
  • SB14-062: Vulnerability Summary for the Week of February 24, 2014
    Original release date: March 03, 2014 | Last revised: March 10, 2014The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerab…
    - 48 days ago, 3 Mar 14, 7:54pm -
  • SB14-055: Vulnerability Summary for the Week of February 17, 2014
    Original release date: February 24, 2014 | Last revised: March 10, 2014The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulne…
    - 55 days ago, 24 Feb 14, 4:17pm -
  • SB14-048: Vulnerability Summary for the Week of February 10, 2014
    Original release date: February 17, 2014The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the…
    - 63 days ago, 17 Feb 14, 10:06am -
  • SB14-041: Vulnerability Summary for the Week of February 3, 2014
    Original release date: February 10, 2014 | Last revised: February 11, 2014The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vu…
    - 70 days ago, 10 Feb 14, 10:24am -

Cyber Attack Stories

Vulnerabilities in the news

Malware

SANS Newsbites

Current Activity

  • Adobe Releases Security Update for Reader Mobile
    Original release date: April 17, 2014Adobe has released a security update to address a vulnerability in Adobe Reader Mobile 11.1.3 and earlier versions for Android. Exploitation of this vulnerability could allow a remote attacker to execute arbitr…
    - 3 days ago, 18 Apr 14, 2:24am -
  • Security Update for Chrome OS
    Original release date: April 17, 2014Google has released Chrome 34.0.1847.120 for all Chrome OS devices, except HP Chromebook Pavillion, to address multiple bug fixes, security updates, and feature enhancements.Users and administrators are encouraged…
    - 3 days ago, 18 Apr 14, 2:02am -
  • Oracle Releases April 2014 Security Advisory
    Original release date: April 16, 2014Oracle has released its Critical Patch Update for April 2014 to address 104 vulnerabilities across multiple products. This update contains the following security fixes:   2 for Oracle Database Server20 for Oracl…
    - 5 days ago, 16 Apr 14, 10:03am -
  • Easter Holiday Phishing Scams and Malware Campaigns
    Original release date: April 09, 2014As the Easter holiday approaches, US-CERT reminds users to stay aware of holiday scams and cyber campaigns, which may include:shipping notifications that may be phishing scams or may contain malwareelectronic gree…
    - 11 days ago, 9 Apr 14, 2:25pm -
  • Adobe Releases Security Updates for Flash Player and AIR
    Original release date: April 09, 2014Adobe has released security updates to address multiple vulnerabilities in Adobe Flash Player and AIR. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system.The followin…
    - 12 days ago, 9 Apr 14, 11:13am -
  • Microsoft Releases April 2014 Security Bulletin
    Original release date: April 08, 2014Microsoft has released updates to address vulnerabilities in Microsoft Office, Office Services, Web Apps, Windows and Internet Explorer as part of the Microsoft Security Bulletin Summary for April, 2014. These…
    - 12 days ago, 8 Apr 14, 5:26pm -
  • OpenSSL 'Heartbleed' Vulnerability
    Original release date: April 08, 2014A vulnerability in OpenSSL could allow a remote attacker to expose sensitive data, possibly including user authentication credentials and secret keys, through incorrect memory handling in the TLS heartbeat extensi…
    - 13 days ago, 8 Apr 14, 10:51am -
  • Apple Releases Security Updates for Safari
    Original release date: April 02, 2014Apple released Safari 6.1.3 and Safari 7.0.3 for OS X to address multiple vulnerabilities in WebKit. Software memory corruption issues may lead to information disclosure, unexpected application termination, or ar…
    - 18 days ago, 3 Apr 14, 1:41am -
  • Microsoft Releases Security Advisory
    Original release date: March 25, 2014 | Last revised: March 26, 2014Microsoft has released a security advisory for Microsoft Word. A vulnerability exists for remote code execution which could allow an attacker to gain user rights by opening a specif…
    - 26 days ago, 25 Mar 14, 3:58pm -
  • Mozilla Releases Updates for Firefox, Thunderbird, and Seamonkey
    Original release date: March 18, 2014The Mozilla Foundation has released security updates to address multiple vulnerabilities in Firefox, Thunderbird, and Seamonkey. Exploitation of these vulnerabilities may allow an attacker to obtain sensitive inf…
    - 33 days ago, 18 Mar 14, 8:28pm -

For More News and Context:

News is important. Context is better. For great tech context see CTOvision.com For a tailored feed of federal cloud computing news see FedClouds.com For great tech newsfeeds see CTOlist.com