The Information Security Office wants to make you aware that a number of vulnerabilities affecting Microsoft Office and Adobe Acrobat were disclosed this week. Furthermore, we have been made aware that savvy criminals are launching phishing campaigns to deliver malware (such as viruses, Trojans, worms, etc.) by sending specially crafted documents (like pdf, PowerPoint) attached [...]
Archive for category Advisories
Also known as “Poodle”, this vulnerability could allow an attacker to steal web site login information or payment data.
“A vulnerability exists within the SSL version 3.0 protocol… allowing an attacker to hijack and decrypt session cookies that are utilized between a user’s web browser and the web site. This could lead to attackers obtaining enough [...]
Several important vulnerabilities in Microsoft products, including Windows, Office, .NET, Internet Explorer, were released today along with patch information. They are:
Vulnerabilities in .NET Framework Could Allow Remote Code Execution (MS14-057)
Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code Execution (MS14-058)
Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (MS14-061)
Cumulative Security Update for [...]
There is a new exploit that has hit the internet called BadUSB that poses a Security threat based on USB devices. Instructions and applications to create infected USB devices are available on the internet. The exploit allows installation into the USB’s firmware where it is run automatically when plugged into a computer system. The firmware [...]
A serious bug in Bash was discovered last week. According to multiple sources this bug has been in Bash since 1992. Shellshock allows an attacker to execute arbitrary code in Bash by setting specific environment variables. Two CVE numbers have been assigned: CVE-2014-6271and CVE-2014-7169.
If you aren’t a Linux user you may not be familiar [...]