The Federal Trade Commission (FTC) has issued guidance to consumers considering using a Virtual Private Network (VPN) for their mobile phones. Some mobile phone users choose to use VPNs to shield the information on their phones when using public Wi-Fi networks.
NCCIC/US-CERT encourages consumers to review the FTC article for more information.
Drupal has released an advisory to address multiple vulnerabilities in Drupal 7.x and 8.4.x. An attacker could exploit some of these vulnerabilities to obtain access to sensitive information.
The Internet Crime Complaint Center (IC3) has issued an alert on the increase in W-2-related phishing campaigns. Fraudsters often use tax-related phishing emails to get victims to provide personally identifiable information, click on a malicious link, or pay a ransom.
NCCIC/US-CERT encourages taxpayers to review the IC3 Alert and refer to the NCCIC/US-CERT Tip on Avoiding Social Engineering and Phishing Attacks for more information. If you believe you have been a victim of a phishing campaign, report it to IC3 at www.ic3.gov
Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
NCCIC/US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:
Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.