phishing

Revision Note: V1.0 (January 12, 2016): Advisory published. Summary: Microsoft is announcing a policy change to the Microsoft Root Certificate Program. The new policy no longer allows root certificate authorities to issue X.509 certificates using the SHA-1 hashing algorithm for the purposes of...

Revision Note: V1.0 (November 30, 2015): Advisory published. Summary: Microsoft is aware of unconstrained digital certificates from Dell Inc. for which the private keys were inadvertently disclosed. One of these unconstrained certificates could be used to issue other certificates, impersonate...

Revision Note: V1.0 (November 30, 2015): Advisory published. Summary: Microsoft is aware of unconstrained digital certificates from Dell Inc. for which the private keys were inadvertently disclosed. One of these unconstrained certificates could be used to issue other certificates, impersonate...

Original release date: October 13, 2015 Systems Affected Microsoft Windows Overview Dridex, a peer-to-peer (P2P) bank credential-stealing malware, uses a decentralized network infrastructure of compromised personal computers and web servers to execute command-and-control (C2). The United...

Original release date: August 01, 2015 Systems Affected Microsoft Windows Systems, Adobe Flash Player, and Linux Overview Between June and July 2015, the United States Computer Emergency Readiness Team (US-CERT) received reports of multiple, ongoing and likely evolving, email-based phishing...

Today, we’re sharing more on security in Windows 10. Windows 10 has more built-in security protections to help safeguard you against viruses, phishing, and malware, it’s the most secure Windows ever. New features are now delivered through automatic updates, helping you to stay current and your...

With Microsoft Edge, we want to fundamentally improve security over existing browsers and enable users to confidently experience the web from Windows. We have designed Microsoft Edge to defend users from increasingly sophisticated and prevalent attacks. This post covers some of the advanced...

Rombertik is designed to steal any plain text entered into a browser window A new type of malware resorts to crippling a computer if it is detected during security checks, a particularly catastrophic blow to its victims. The malware, nicknamed Rombertik by Cisco Systems, is designed to...

Revision Note: V1.0 (March 24, 2015): Advisory published. Summary: Microsoft is aware of improperly issued digital certificates coming from the subordinate CA, MCS Holdings, which could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. The...

Revision Note: V1.0 (March 16, 2015): Advisory published. Summary: Microsoft is aware of an improperly issued SSL certificate for the domain “live.fi” that could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This issue affects all supported...

Revision Note: V1.0 (March 16, 2015): Advisory published. Summary: Microsoft is aware of an improperly issued SSL certificate for the domain “live.fi” that could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This issue affects all supported...

For years our customers have been in the trenches against cyberattacks in an increasingly complex digital landscape. We’ve been there with you, as have others. And we aren’t going anywhere. Forces often seek to undermine and disrupt technology and people, attempting to weaken the very devices...

Original release date: November 13, 2014 Systems Affected iOS devices running iOS 7.1.1, 7.1.2, 8.0, 8.1, and 8.1.1 beta. Overview A technique labeled “Masque Attack” allows an attacker to substitute malware for a legitimate iOS app under a limited set of circumstances. Description...

Hi I just got this strange email message. This guy claims to be the innovator of MagicJack and wants people to donate to cover his medical costs... Link Removed Why he would be asking me for money is beyond me, I don't and have never had a MagicJack or anything to do with them. He's only...

Hi This morning I noticed that my action center was trying to get my attention. When I opened it I recieved a message that said, "Click here to enter your most recent Windows Password. (Important)" When I clicked on it, it brought up this message screen... Link Removed When I clicked on...

Original release date: October 27, 2014 Systems Affected Microsoft Windows Overview Since mid-October 2014, a phishing campaign has targeted a wide variety of recipients while employing the Dyre/Dyreza banking malware. Elements of this phishing campaign vary from target to target including...

Original release date: October 22, 2014 Systems Affected Microsoft Windows Overview Ransomware is a type of malicious software (malware) that infects a computer and restricts access to it until a ransom is paid to unlock it. This Alert is the result of Canadian Cyber Incident Response...

Problems: Your computer has been infiltrated with browser redirection malware. This redirection malware often jumps you over to to a fake Java website which is a phishing scam. Once you arrive on this page, by clicking on a hyperlink and being redirected, do not click on anything on that page...

Last week it was on a few news sites and I saw it on CCN that russians hacked many big sites, but none where named, Apparently there were major companies hit. I have in the last few weeks had a big increase on numerous of my emails getting spammed so I can see a few must of got hit. I got an...

Severity Rating: Important Revision Note: V1.0 (August 12, 2014): Bulletin published. Summary: This security update resolves two privately reported vulnerabilities in Microsoft SQL Server (one in SQL Server Master Data Services and the other in the SQL Server relational database management...