TempRacer – Windows Privilege Escalation Tool

Read Full Article

New ransomware installs in boot record, encrypts hard disk [Updated]

Petya performs fake CHKDSK, and instead encrypts the master file table on disk.

Read Full Article

5 things you should know about two-factor authentication

One of the best pieces of security advice any computer expert can give you is to enable two-factor authentication for websites that support it. With password breaches so common nowadays, it could be the one thing that keeps hackers from stealing your identity online.

Here are five points to help you understand this technology.

1. Two-factor authentication or two-step verification?

A lot of people think they’re the same thing, but that’s not accurate.

There are three types of authentication factors: something you know, such as a password or PIN; something you have, such as a mobile phone or a special USB key; and something you are, such as your fingerprint or other biometric identifier.

To read this article in full or to leave a comment, please click here

Read Full Article

Mac OS X Ransomware KeRanger Is Linux Encoder Trojan

Read Full Article

“Defining the Security Awareness Maturity Model”

Last week we introduced the Security Awareness Maturity Model.Established in 2011, this maturity model enables organizations to identify where their security awareness program is currently at, where a qualified leader can take it and the path how to get there. Below we describe each stage of the maturity model. As you go through each … Continue reading Defining the Security Awareness Maturity Model

Read Full Article

Cisco Releases Security Updates

Original release date: March 09, 2016

Cisco has released security updates to address vulnerabilities in multiple products. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected device.

Users and administrators are encouraged to review the following Cisco Security Advisories and apply the necessary updates:

For details on securing your home network, please see US-CERT Tip ST15-002.


This product is provided subject to this Notification and this Privacy & Use policy.

Read Full Article

ISC Releases Security Updates for BIND

Original release date: March 09, 2016

The Internet Systems Consortium (ISC) has released updates that address three vulnerabilities in BIND. Exploitation of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition.

Available updates include:

  • BIND 9 version 9.9.8-P4
  • BIND 9 version 9.10.3-P4
  • BIND 9 version 9.9.8-S6

US-CERT encourages users and administrators to review ISC Knowledge Base Articles AA-01351, AA-01352, and AA-01353 and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.

Read Full Article

Apple Releases Security Update

Original release date: March 09, 2016 | Last revised: March 11, 2016

Apple has released a security update to address a vulnerability in Apple Software Update. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.

US-CERT encourages users and administrators to review the Apple security website for Software Update 2.2 and apply the necessary update.


This product is provided subject to this Notification and this Privacy & Use policy.

Read Full Article

Adobe Releases Security Updates for Flash Player

Original release date: March 10, 2016

Adobe has released security updates to address multiple vulnerabilities in Flash Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

US-CERT encourages users and administrators to review Adobe Security Bulletin APSB16-08 and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.

Read Full Article

Citrix Releases Security Update

Original release date: March 10, 2016

Citrix has released updates to address a vulnerability in its Citrix Licensing Server. Exploitation of this vulnerability could allow a remote attacker to take control of an affected server.

Users and administrators are encouraged to review Citrix Security Bulletin CTX207824 and Vulnerability Note VU#485744 for more information and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.

Read Full Article