H-ISAC TIC Vulnerability Bulletin

July 25, 2019
On May 14th, 2019 Microsoft released a security advisory1 and patches for the CVE-2019-0708 "Remote Desktop Services Remote Code Execution Vulnerability" now commonly known as “BlueKeep.” The vulnerability affects RDP services for Windows 2000, Windows XP, Server 2003, Vista, Server 2008, 7, and...
9 to 5  Logo

Major iPhone FaceTime bug lets you hear the audio of the person you are calling … before they pick up

January 29, 2019
A significant bug has been discovered in FaceTime and is currently spreading virally over social media. The bug lets you call anyone with FaceTime, and immediately hear the audio coming from their phone — before the person on the other end has accepted or rejected the incoming call. Apple says the...
fireye Logo

Global DNS Hijacking Campaign: DNS Record Manipulation at Scale

January 11, 2019
FireEye’s Mandiant Incident Response and Intelligence teams have identified a wave of DNS hijacking that has affected dozens of domains belonging to government, telecommunications and internet infrastructure entities across the Middle East and North Africa, Europe and North America. While we do not...
ms Logo

Attacks attempt to circumvent Exchange Online multi-factor authentication

August 13, 2018
<p>From Secure Works via NH-ISAV:</p>
Humana Logo

Humana Notifying Victims of 'Identity Spoofing' Attack

July 03, 2018
Article from DataBreach
IT Blog Logo

Building Relationships and Trust: The Key to Improving Security

June 20, 2018
From: The research project is being conducted by Ashwin Mathew, a visiting scholar at the UC Berkeley School of Information and a researcher at Packet Clearing House. In a system as large as UC, where...
UCSF  Logo

Google has released Chrome version 67.0.3396.79 for Windows, Mac, and Linux to address multiple vulnerabilities

June 13, 2018
WHAT HAPPENED? Google has released Chrome version 67.0.3396.79 for Windows, Mac, and Linux to address multiple vulnerabilities. Advanced Users: For a complete description of the security enhancement and affected software refer to the following Stable Channel Update for Desktop: https://...
Security Week Logo

Atlanta Says Further $9.5 Million Needed for Ransomware Recovery

June 12, 2018
The City of Atlanta was struck by SamSam ransomware in March 2018. The ransom was set at $51,000 (in Bitcoin); but is believed not to have been paid. At that time, it was thought that some customer-facing applications and some internal services had been disrupted; but that no critical services had...