This page is dedicated to security, it includes local security information, as well as a number of syndicated security feeds, alerts, tools and news from major security portals. This page aims to provide a single security information access point, helping you stay current with recent security threats. You can check the SG Security FAQ and visit the SG Security forum with any questions you might have.
SG Security ScanThe SG Security Scan is a great tool that tests a number of ports on your computer for the most common vulnerabilities.
SG Security Scanner
Commonly Open Ports
SG Ports - comprehensive database of known TCP/UDP ports
SG Security ArticlesGeneral Security Guide
How To Crack WEP and WPA Wireless Networks
IRDP Security Vulnerability in Windows
Why encrypt your online traffic with VPN ?
Latest Threats - SymantecTrojan.Cryptolock g13 - (2015.07.03) Risk Level: Very Low. Type: Trojan.
Hacktool.Bannerjack - (2015.07.03) Risk Level: Very Low. Type: Trojan.
Hacktool.Multipurpose - (2015.07.03) Risk Level: Very Low. Type: Trojan.
Hacktool.EventLog - (2015.07.03) Risk Level: Very Low. Type: Trojan.
Hacktool.Proxy.A - (2015.07.03) Risk Level: Very Low. Type: Trojan.
Hacktool.Securetunnel - (2015.07.04) Risk Level: Very Low. Type: Trojan.
OSX.Dropper - (2015.07.04) Risk Level: Very Low. Type: Trojan.
OSX.Backloader - (2015.07.04) Risk Level: Very Low. Type: Trojan.
Packed.Dromedan gen15 - (2015.07.02) Risk Level: Very Low. Type: Trojan.
Infostealer.Bancos.BE - (2015.07.01) Risk Level: Very Low. Type: Trojan.
Latest Security Advisories (US-CERT)
Cisco Releases Security Update (2015.07.01)
Original release date: July 01, 2015
Cisco has released a security update to address a vulnerability in versions of the Unified Communications Domain Manager Platform Software prior to 10.x. Exploitation of this vulnerability may allow a remote attacker to take control of the affected system.
US-CERT recommends that users review the Cisco Security Advisory and apply the necessary update.
Apple Releases Security Updates for QuickTime, Safari, Mac EFI, OS X Yosemite, and iOS (2015.06.30)
Original release date: June 30, 2015
Apple has released security updates for QuickTime, Safari, Mac Extensible Firmware Interface (EFI), OS X Yosemite, and iOS. Exploitation of some of these vulnerabilities may allow an attacker to obtain elevated privileges or crash applications.
Available updates include:
OPM Identity-Protection Phishing Campaigns (2015.06.30)
Original release date: June 30, 2015 | Last revised: July 01, 2015
US-CERT is aware of suspicious domain names that may be used in phishing campaigns masquerading as official communication from the Office of Personnel Management (OPM) or the identity protection firm CSID. Https://opm.csid.com is the legitimate domain used by CSID, which is responsible for identity protection services for those affected by the recent data breach.
US-CERT recommends that users visit the OPM website for more information. Users are also encouraged to read US-CERT's guidance on avoiding social engineering and phishing attacks and report suspicious emails.
Cisco Releases Security Updates (2015.06.25)
Original release date: June 25, 2015
Cisco has released security updates to address vulnerabilities in Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Content Security Management Virtual Appliance (SMAv) software. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of the affected appliance.
US-CERT encourages users and administrators to review the Cisco Security Advisory and apply the necessary updates.
Fraud Alert Issued on Business Email Compromise Scam (2015.06.24)
Original release date: June 24, 2015
The Financial Services Information Sharing and Analysis Center (FS-ISAC) and federal law enforcement agencies have released a joint alert warning companies of a sophisticated wire payment scam referred to as business email compromise (BEC). Scammers use fraudulent information to trick companies into directing financial transactions into accounts scammers control.
IC3 Issues Alert on CryptoWall Ransomware (2015.06.23)
Original release date: June 23, 2015
The Internet Crime Complaint Center (IC3) has issued an alert warning that U.S. individuals and businesses are still at risk of CryptoWall ransomware fraud. Scam operators use ransomwarea type of malicious softwareto infect a device and restrict access until a ransom fee is paid. Individuals and organizations are discouraged from paying the ransom, as this does not guarantee files will be released.
Adobe Releases Security Updates for Flash Player (2015.06.23)
Original release date: June 23, 2015
Adobe has released security updates to address a critical vulnerability in Flash Player for Windows, Macintosh, and Linux. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.
Users and administrators are encouraged to review Adobe Security Bulletin APSB15-14and apply the necessary updates.
Google Releases Security Update for Chrome (2015.06.22)
Original release date: June 22, 2015
Google has released Chrome version 43.0.2357.130 for Windows, Mac, and Linux to address multiple vulnerabilities. Exploitation of one of these vulnerabilities may allow an attacker to obtain sensitive information.
Users and administrators are encouraged to review the Chrome Releases Page and apply the necessary updates.