This page is dedicated to security, it includes local security information, as well as a number of syndicated security feeds, alerts, tools and news from major security portals. This page aims to provide a single security information access point, helping you stay current with recent security threats. You can check the SG Security FAQ and visit the SG Security forum with any questions you might have.
SG Security ScanThe SG Security Scan is a great tool that tests a number of ports on your computer for the most common vulnerabilities.
SG Security Scanner
Commonly Open Ports
SG Ports - comprehensive database of known TCP/UDP ports
SG Security ArticlesGeneral Security Guide
How To Crack WEP and WPA Wireless Networks
IRDP Security Vulnerability in Windows
Why encrypt your online traffic with VPN ?
Latest Threats - SymantecAdware.Dealply gen3 - (2015.11.30) Risk Level: Very Low.
Packed.Generic.496 - (2015.11.30) Risk Level: Very Low. Type: Trojan.
Trojan.Otlard - (2015.11.30) Risk Level: Very Low. Type: Trojan.
Trojan.Melongad - (2015.11.28) Risk Level: Very Low. Type: Trojan.
Backdoor.Surge - (2015.11.27) Risk Level: Very Low. Type: Trojan.
Trojan.Phonywall - (2015.11.25) Risk Level: Very Low. Type: Trojan.
Infostealer.Dyre g2 - (2015.11.26) Risk Level: Very Low. Type: Trojan.
W32.Appenex inf - (2015.11.24) Risk Level: Very Low. Type: Trojan, Virus.
PHP.Filesman - (2015.11.25) Risk Level: Very Low. Type: Trojan.
Trojan.Ranscrypt.U g2 - (2015.11.24) Risk Level: Very Low. Type: Trojan.
Latest Security Advisories (US-CERT)
IRS Releases First in a Series of Tax Security Tips (2015.11.27)
Original release date: November 27, 2015
The Internal Revenue Service (IRS) has released the first in a series of tips intended to increase public awareness of how to protect personal and financial data online and at home. A new tip will be available each Monday through the start of the tax season in January, and will continue through the April tax deadline.
The first tip focuses on seven simple steps to secure your computer when conducting business online. US-CERT encourages users and administrators to review IRS Security AwarenessTax Tip Number 1 for additional information.
US-CERT Alerts Users to Holiday Phishing Scams and Malware Campaigns (2015.11.25)
Original release date: November 25, 2015 | Last revised: November 27, 2015
US-CERT reminds users to remain vigilant when browsing or shopping online this holiday season. Ecards from unknown senders may contain malicious links. Fake advertisements or shipping notifications may deliver infected attachments. Spoofed email messages and fraudulent posts on social networking sites may request support for phony causes.
To avoid seasonal campaigns that could result in security breaches, identity theft, or financial loss, users are encouraged to take the following actions:
If you believe you are a victim of a holiday phishing scam or malware campaign, consider the following actions:
Dell Computers Contain CA Root Certificate Vulnerability (2015.11.24)
Original release date: November 24, 2015 | Last revised: November 27, 2015
Dell personal computers using the preinstalled certificate authority (CA) root certificate (eDellRoot) contain a critical vulnerability. Exploitation of the vulnerability could allow a remote attacker to read encrypted web browser traffic (HTTPS), impersonate (spoof) any website, or perform other attacks on the affected system.
The eDellRoot certificate originated from an update to the Dell Foundation Services (DFS) application on August 18, 2015. As of November 23, that update is no longer being provided. The certificate was also preinstalled on some systems November 2023, 2015. Dell is pushing a DFS software update to remove the vulnerable certificate from affected systems.
VMware Releases Security Updates (2015.11.19)
Original release date: November 19, 2015
VMware has released security updates to address a vulnerability in vCenter, vCloud Director, and Horizon View. Exploitation of this vulnerability may allow an attacker to obtain sensitive information.
Users and administrators are encouraged to review VMware Security Advisory VMSA-2015-0008 and apply the necessary updates.
IC3 Warns of Cyber Attacks Focused on Law Enforcement and Public Officials (2015.11.18)
Original release date: November 18, 2015
The Internet Crime Complaint Center (IC3) has issued an alert warning that law enforcement personnel and public officials may be at an increased risk of cyber attacks. In addition to doxing (the act of gathering and publishing individuals' personal information without permission), threat actors have been observed compromising the email accounts of officers and officials. These target groups should protect their online presence and exposure.
Adobe Releases Security Updates for ColdFusion, LiveCycle Data Services, and Adobe Premiere Clip (2015.11.17)
Original release date: November 17, 2015
Adobe has released security updates to address multiple vulnerabilities in ColdFusion, LiveCycle Data Services, and Adobe Premiere Clip. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
Apache Commons Collections Java Library Vulnerability (2015.11.13)
Original release date: November 13, 2015
US-CERT is aware of a deserialization vulnerability in the Apache Commons Collections (ACC) Java library. Java applications that either directly use ACC, or contain ACC in their classpath, may be vulnerable to arbitrary code execution.
US-CERT encourages users and administrators to review Vulnerability Note VU#576313 for more information and apply the necessary mitigations.
Google Releases Security Updates for Chrome and Chrome OS (2015.11.11)
Original release date: November 11, 2015
Google has released security updates to address vulnerabilities in Chrome and Chrome OS. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system.
Updates available include: