The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Apple has released updates for iOS and Apple TV devices to address a vulnerability that allows an attacker with a privileged network position to capture or modify data in protected SSL/TLS sessions.
Updates are available:
- iOS 6.1.6 for iPhone 3GS and iPod touch 4th generation.
- iOS 7.0.6 for iPhone 4 and later, iPod touch 5th generation, and iPad 2 and later.
- Apple TV 6.0.2 for Apple TV 2nd generation and later.
Google has released Google Chrome 33.0.1750.117 for Windows, Mac, and Linux to address multiple vulnerabilities, some of which could allow a remote, unauthenticated attacker to completely compromise a vulnerable system.
Users and administrators are encouraged to review the Google Chrome Release blog entry and apply the update.
Cisco has released a security advisory to address a vulnerability in Cisco Unified Computing System (UCS) Director. This vulnerability could allow an unauthenticated, remote attacker to take complete control of the affected device due to a default root user account created during installation. Successful exploitation of this vulnerability would provide the attacker with full administrative rights to the system.
US-CERT encourages users and administrators to review the Cisco Security Advisory and apply the update provided to address this vulnerability.