X
Euclid Security Newsletter 2/17/17
Mark Anderson

SECURITY NEWS

Yahoo Notifies Users of Sophisticated Breach Methods

Another breach has been discovered at Yahoo. This is on top of the billion user breach late last year. Yahoo said Wednesday it was notifying some users that hackers may have been able to use a maneuver to break into their accounts without stealing passwords.

http://www.securityweek.com/yahoo-notifies-users-sophisticated-breach-methods

Local School System Alerts Parents to Virtual Kidnapping Scam

A local story that also has recent occurrences across the country. Montgomery County Public Schools officials are warning of a virtual kidnapping scam involving phone calls targeting local parents in recent weeks.

http://www.bethesdamagazine.com/Bethesda-Beat/2017/MCPS-Alerts-Parents-to-Virtual-Kidnapping-Scam/

More from the FBI about this scam.

https://www.fbi.gov/news/stories/us-citizens-threatened-by-mexican-virtual-kidnapping-scheme

Microsoft Postpones February Security Updates to March 14

Microsoft has informed customers that the February security updates, which the company delayed due to unspecified issues, will only be released next month as part of the planned Update Tuesday.

https://blogs.technet.microsoft.com/msrc/2017/02/14/february-2017-security-update-release/

NOTABLE RECENT SECURITY UPDATES

OpenSSL Releases Security Update

OpenSSL version 1.1.0e has been released to address a vulnerability for users of version 1.1.0. Exploitation of this vulnerability may allow a remote attacker to cause a denial-of-service condition.

https://www.openssl.org/news/secadv/20170216.txt

Cisco Releases Security Update

Cisco has released a security update to address a vulnerability in its UCS Director software. Exploitation of this vulnerability could allow an attacker to take control of an affected system.

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-ucs

Adobe Releases Security Updates

Adobe has released security updates to address vulnerabilities in Adobe Flash Player, Digital Editions, and Campaign. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

https://helpx.adobe.com/security/products/flash-player/apsb17-04.html

Apple Releases Security Update

Apple has released a security updates to address a vulnerability in GarageBand. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.

https://support.apple.com/en-us/HT207518