Sun has released update 17 for Java SE JDK 6 and Java SE JRE 6 to address multiple vulnerabilities. The impacts of these vulnerabilities include arbitrary code execution, privilege escalation, denial of service, and information disclosure. US-CERT encourages users and administrators to review the Java SE 6 Update 17 release notes and apply any necessary [...]
US-CERT is aware of public reports of a malware campaign circulating. This campaign is circulating via email messages offering information regarding the H1N1 vaccination. This email messages contain a link to a bogus Centers for Disease Control and Prevention website. Users who click on this link may become infected with malware. Public reports indicate that [...]
Research In Motion has released a security advisory to address multiple vulnerabilities in the PDF distiller of some released versions of the BlackBerry Attachment Service. The advisory lists the affected versions as BlackBerry Enterprise Server 5.0.0 running on Microsoft Windows version 2003 or 2008, BlackBerry Enterprise Server 5.0.0 running on Microsoft Windows 2000, BlackBerry Enterprise [...]
With the holidays fast approaching and the increased usage of seasonal decorations, it is important to focus on candle fire safety and prevention. Because the majority of candle fires result from human error and negligence, candle fires and their associated casualties are preventable. If possible, avoid using lighted candles. If you must use candles, ensure [...]
US-CERT is aware of public reports of malicious code circulating via phishing email messages that appear to come from the Social Security Administration. The messages indicate that the users’ annual Social Security statements may contain errors and instruct users to follow a link to review their Social Security statement. If users click this link, they [...]
Microsoft has released security advisory 977981 to address a vulnerability in Microsoft Internet Explorer. This vulnerability may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review Microsoft Security Advisory 977981 and implement the suggested workarounds listed in the advisory to help mitigate the risks. via US-CERT Current Activity.
WASHINGTON—Four individuals were sentenced today by U.S. District Judge Marianne O. Battani in federal court in Detroit for their roles in a wide-ranging international stock fraud scheme involving the illegal use of bulk commercial e-mails, or “spamming,” announced Assistant Attorney General of the Criminal Division Lanny A. Breuer and U.S. Attorney for the Eastern District [...]
The Federal Trade Commission today reiterated that despite the claims made in e-mails circulating on the Internet, consumers should not be concerned that their cell phone numbers will be released to telemarketers in the near future, and that it is not necessary to register cell phone numbers on the National Do Not Call (DNC) Registry [...]
Microsoft has released an update to address vulnerabilities in Microsoft Windows and Office as part of the Microsoft Security Bulletin Summary for November 2009. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or operate with escalated privileges. US-CERT encourages users and administrators to review the bulletins and follow best-practice [...]
Apple has released Mac OS X v10.6.2 and Security Update 2009-006 to address multiple vulnerabilities in a number of applications. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, conduct a man-in-the-middle attack, operate with escalated privileges, or obtain sensitive information. US-CERT encourages users and administrators to review Apple article [...]
