Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.
US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:
Google has released Chrome version 62.0.3202.62 for Windows, Mac, and Linux to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
US-CERT encourages users and administrators to review the Chrome Releases page and apply the necessary updates.
Oracle has released its Critical Patch Update for October 2017 to address 252 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
Users and administrators are encouraged to review the Oracle October 2017 Critical Patch Update and apply the necessary updates.
The Internet Crime Complaint Center (IC3) has issued an alert on distributed denial-of-service (DDoS)-for-hire services advertised on criminal forums and marketplaces. Using DDoS attacks to prevent legitimate users from accessing websites or information can lead to serious consequences.
US-CERT encourages users and administrators to review the IC3 Alert for more information and US-CERT's Alert on Heightened DDoS Threat Posed by Mirai and Other Botnets.
In conjunction with National Cyber Security Awareness Month, the Internet Crime Complaint Center (IC3) has issued an alert to individuals and businesses about the security risks involved with the Internet of Things (IoT). IoT refers to the emerging network of devices (e.g., smart TVs, home automation systems) that connect to one another via the Internet, often automatically sending and receiving data. IC3 warns that once a device is compromised, an attacker may take control of an affected system, obtain sensitive information, or cause a denial-of-service condition.
US-CERT encourages individuals and businesses to review the IC3 Alert for more information on IoT vulnerabilities and mitigation techniques.