The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
WordPress 3.8.2 has been released to address multiple vulnerabilities, one of which could allow an attacker to gain unauthorized access using forged authentication cookies. WordPress 3.7.1 users will be updated to 3.7.2, which contains the same security fixes as 3.8.2. Users operating older, unsupported versions of WordPress are encouraged to upgrade to 3.8.2.
US-CERT recommends users and administrators review the WordPress Maintenance and Security Release blog and apply the necessary updates.
Cisco has released a security advisory to address multiple vulnerabilities in Cisco Unified Communications Domain Manager, some of which may allow an attacker to execute arbitrary commands or obtain privileged access to the affected system.
The following updates are available:
- Cisco Unified CDM Application Software 8.1.4 and later.
- Cisco Unified CDM Platform Software 4.4.2 and later.
Users and administrators are encouraged to review the Cisco Security Advisory and apply the necessary updates.
Apple has released security updates for Mac OS X, Safari, iOS devices, and Apple TV to address multiple vulnerabilities, some of which could allow attackers to execute arbitrary code with system privileges or cause an unexpected application termination.
Updates available include:
- Security Update 2014-003 for OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, and OS X Mavericks 10.9 to 10.9.3.
- Safari 6.1.5 and Safari 7.0.5 for OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, and OS X Mavericks v10.9.3.
- iOS 7.1.2 for iPhone 4 and later, iPod touch 5th generation and later, or iPad 2 and later.
- Apple TV 6.2 for Apple TV 2nd generation and later.