Surface Pro 4 and Book Firmware: Do not install
Microsoft issued massive sets of firmware updates for Surface Book and Surface Pro 4 last night, however today users are reporting hanging issues while updating as well as some experiencing a BSOD during the installation. We suggest not installing these until Microsoft has resolved the issues.
Oracle patches 136 Vulnerabilities
April patch release from Oracle is available and contains fixes for Oracle’s Database Server, E-Business Suite, Sun Products, MySQL, and Java SE, among other product families
Source: Oracle
Jigsaw Ransomware: Deletes files
The Jigsaw crypto malware may be propagated online via corrupted archive files, text and PDF documents that are attached to spam mail. Emails may appear to come from an internal source or an outside vendor and you should be cautious when receiving invoices because they may be targeted with a spear phishing designed to bypass safe email practices.
The Jigsaw Trojan may disguise itself as an instance of Mozilla Firefox and display a program window that features an animated ransom note that is accompanied by a doll that you might have seen in the movie Saw from 2004. Jigsaw Ransomware prompts the victim to send a payment of 0.4 Bitcoins to receive a decryption key
Adobe Security Bulletin:CVE-2016-1019
Adobe released an updated security advisory earlier this week regarding a critical vulnerability that exists in Adobe Flash Player 21.0.0.197 and earlier versions. This vulnerability affects Windows, Macintosh, Linux, and Chrome OS and could cause the browser to crash or possibly allow for remote code execution, Adobe has introduced in Flash Player 21.0.0.182 a mitigation that protects users against attackers that attempt to exploit this vulnerability, but during today, the company is expected to release a security update. Users are advised to upgrade Flash Player in the moment a new update is released, and in case they haven’t done this yet, they can go to the Adobe Flash Player Download Center and download the software from there, and install it in each browser.
United States, Canada Issue Joint Alert on Ransomware
We dedicate a lot of time to educating our clients to the dangers of Ransomware. Given exactly how devastating the impact can be from one infection and the fact that it is often successful due to human error.
This week the United States Department of Homeland Security (DHS), in collaboration with Canadian Cyber Incident Response Centre (CCIRC), is releasing an alert regarding Ransomware. This is how serious the situation is becoming. Every company needs to educate their system users about Ransomware and how to avoid infections.
Source: US-CERT
capitalregionit 