tcnj wordmark

0 day exploit targeting Word & Outlook

  Reported by Brian Krebs:  Microsoft warned today that attackers are exploiting a previously unknown security hole in Microsoft Word that can be used to foist malicious code if users open a specially crafted text file, or merely preview the message in Microsoft Outlook. In a notice published today, Microsoft advised: “Microsoft is aware of aContinue Reading

University Direct Deposit Account Credentials Targeted by Phishing Emails

In at least three separate incidents in 2014, malicious actors sent phishing emails with malicious links to University employees; employees who clicked on the link were taken to fraudulent websites that collected single sign-on credentials, which were used to modify the employee’s direct deposit account information. By changing this information, the malicious actors rerouted theContinue Reading

Multiple Vulnerabilities in Google Chrome Could Allow Remote Code Execution

Multiple vulnerabilities have been discovered in Google Chrome that could result in several issues including remote code execution.  These vulnerabilities can be exploited if a user visits, or is redirected to, a specially crafted web page. Successful exploitation of these vulnerabilities could result in an attacker gaining the same privileges as the affected application. DependingContinue Reading

Phishing scam – January 2014

Be wary of an email about a “Mail Server Upgrade.”  Page looks like Zimbra login. It’s a phishing scam. Many have been caught in the trap.

Java version 7 update 51

Oracle has released an update yesterday that patches 36 security holes in the previous version (7u45).  Please visit www.java.com to update your Java runtime environment. For more information:  http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html

Vulnerability in Adobe Reader and Acrobat Could Allow For Remote Code Execution (APSB14-01)

A vulnerability has been discovered in Adobe Reader and Adobe Acrobat that could allow an attacker to crash or take control of the affected system. Successful exploitation could result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then install programs;Continue Reading

Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (MS14-001)

Multiple vulnerabilities have been discovered in Microsoft Office which could allow an attacker to take complete control of an affected system. Successful exploitation of these vulnerabilities could result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view,Continue Reading

Multiple Vulnerabilities in Adobe Flash Player Could Allow Remote Code Execution (APSB14-02)

Multiple vulnerabilities have been discovered in Adobe Flash Player that could allow an attacker to take control of the affected system.  Successful exploitation could result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or deleteContinue Reading

Multiple Vulnerabilities in Mozilla Products Could Allow Remote Code Execution – 12/11/13

Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, and SeaMonkey applications, which could allow remote code execution.  Successful exploitation of these vulnerabilities could result in either an attacker gaining the same privileges as the logged on user, or gaining session authentication credentials. Depending on the privileges associated with the user, an attacker could installContinue Reading

Multiple Vulnerabilities in Adobe Flash Player Could Allow Remote Code Execution (APSB13-28)

Multiple vulnerabilities have been discovered in Adobe Flash Player that could allow an attacker to take control of the affected system. Successful exploitation could result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or deleteContinue Reading

Top