Cisco Releases Security Updates 15 Aug 2018, 5:48 pm

Cisco has released updates to address vulnerabilities affecting Cisco products. A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition.  

NCCIC encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:

• Web Security Appliance Web Proxy Memory Exhaustion Denial-of-Service Vulnerability cisco-sa-20180815-wsa-dos
• Unified Communications Manager IM & Presence Service Denial-of-Service Vulnerability cisco-sa-20180815-ucmimps-dos
• Adaptive Security Appliance Web Services Denial-of-Service Vulnerability cisco-sa-20180606-asaftd

This product is provided subject to this Notification and this Privacy & Use policy.

FBI Releases Guidance on Defending Against Travel Scams 15 Aug 2018, 2:04 am

The Federal Bureau of Investigation (FBI) has released an article on building a digital defense against travel scams. FBI explains how scammers trick consumers with "free" vacation ploys. These offers may be fake or involve hidden fees. Legitimate companies will not ask prize winners to pay to claim their reward.

NCCIC encourages consumers to review the FBI Article, the Federal Trade Commission's Travel Tips, and NCCIC's Tip on Avoiding Social Engineering and Phishing Attacks for more information.

This product is provided subject to this Notification and this Privacy & Use policy.

VMware Releases Security Updates 14 Aug 2018, 11:16 pm

VMware has released security updates to address vulnerabilities in vSphere, Workstation, Fusion, and Virtual Appliances. An attacker could exploit these vulnerabilities to obtain sensitive information.

NCCIC encourages users and administrators to review VMware Security Advisories VMSA-2018-0020, VMSA-2018-0021, and VMSA-2018-0022 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Samba Releases Security Updates 14 Aug 2018, 10:23 pm

The Samba Team has released security updates to address several vulnerabilities in Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review the Samba Security Announcements for CVE-2018-10858, CVE-2018-10918, CVE-2018-10919, CVE-2018-1139, and CVE-2018-1140 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Adobe Releases Security Updates 14 Aug 2018, 9:21 pm

Adobe has released security updates to address vulnerabilities in Adobe Acrobat and Reader, Adobe Experience Manager, Adobe Flash Player, and Adobe Creative Cloud Desktop Application. An attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review Adobe Security Bulletins APSB18-20, APSB18-25, APSB18-26, and APSB18-29, and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Microsoft Releases August 2018 Security Updates 14 Aug 2018, 9:14 pm

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review Microsoft’s August 2018 Security Update Summary and Deployment Information and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Intel Side-Channel L1TF Vulnerability 14 Aug 2018, 5:54 pm

Intel has released recommendations to address a side-channel vulnerability called L1 Terminal Fault (L1TF) that affects multiple Intel microprocessors. An attacker could exploit this vulnerability to obtain sensitive information.

NCCIC encourages users and administrators to review Intel's Security Advisory INTEL-SA-00161, apply the necessary mitigations, and refer to software vendors for appropriate patches, when available.

Additional resources include:

• Intel Security First
• Intel Resources and Response to Side Channel L1 Terminal Fault
• Vulnerability Note VU#982149
• NCCIC TA18-141A: Side-Channel Vulnerability Variants 3a and 4
• NCCIC TA18-004A: Meltdown and Spectre Side-Channel Vulnerability Guidance

This product is provided subject to this Notification and this Privacy & Use policy.

Oracle Releases Security Alert 13 Aug 2018, 7:19 pm

Oracle has released a security alert to address a vulnerability in multiple versions of Oracle Database. A remote attacker could exploit this vulnerability to take control of an affected system.

NCCIC encourages users and administrators to review the Oracle Security Alert and the Multi-State Information Sharing & Analysis Center Advisory 2018-089 for more information and apply the necessary update.

This product is provided subject to this Notification and this Privacy & Use policy.

Back-to-School Cyber Safety 10 Aug 2018, 12:25 pm

As summer break ends, many students will return to school with mobile devices, such as smart phones, tablets, and laptops. Although these devices can help students with their schoolwork and stay in touch with family and friends, there are risks associated with using them. However, there are simple steps that can help keep students stay safe while using their mobile devices and getting online.

NCCIC suggests reviewing the following tips and resources for information to keep students cyber safe:

• Keeping Children Safe Online
• Rethink Cyber Safety Rules and the “Tech Talk” with Your Teens
• Building a Digital Defense for School Kids and Cell Phone Safety
• Stop.Think.Connect. Toolkit
• Stay Safe Online
• Concerned Parent’s Internet Safety Toolbox

This product is provided subject to this Notification and this Privacy & Use policy.

North Korean Malicious Cyber Activity 9 Aug 2018, 5:02 pm

The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have identified a Trojan malware variant—referred to as KEYMARBLE—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.

US-CERT encourages users and administrators to review Malware Analysis Report (MAR) MAR-10135536-17 and the US-CERT page on HIDDEN COBRA - North Korean Malicious Cyber Activity for more information.

This product is provided subject to this Notification and this Privacy & Use policy.