UCSF IT Technology

Mozilla released security updates to address vulnerabilities in Firefox.For a complete description of the vulnerabilities and affected systems go to Mozilla Foundation Security Advisory 2025-01 Security Vulnerabilities fixed in Firefox 134.IT SecurityRead more about IT Security service offerings.

Cisco has released security updates to address vulnerabilities in multiple Cisco Products.  A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. For a complete description of the vulnerabilities and affected systems go to IT SecurityRead more about IT Security service offerings.

Ivanti has released Security Updates to address vulnerabilities in multiple Ivanti Products. An attacker could exploit these vulnerabilities to perform remote code execution.For a complete description of the vulnerabilities and affected systems go to Security Advisory Ivanti Connect Secure, Policy Secure & ZTA Gateways (CVE-2025-0282, CVE-2025-0283).IT Security

Google released its January Android update to address vulnerabilities in Android devices. The most severe of these issues is a high-security vulnerability that could lead to remote code execution with no additional execution privileges needed.For a complete description of the vulnerabilities and affected systems go to Android Security Bulletin January 2024.IT SecurityRead more about IT Security service offerings.

Illumina released a security update to address a vulnerability that impacts Illumina Gene Sequencers. An attacker could exploit this vulnerability to take over an affected deviceFor a complete description of the vulnerabilities and affected systems go to Report: Flaws in Illumina DNA Sequencer Devices Allows Hacks.IT SecurityRead more about IT Security service offerings.

A series of phishing attacks are impersonating financial institutions. These attacks use convincing branding; however, the emails’ sender addresses do not match the financial institution.Instead, these emails come from sender address domains like “@connect[.]net” or “@PayNow[.]com.”Lures used in these attacks include a notification message asking if recipients recognize a particularly expensive charge and a lure asking the recipient

Ubuntu released multiple security updates in December for various Ubuntu products.For a complete description of the vulnerabilities and affected systems go to Ubuntu December 2024 Archives by date.IT SecurityRead more about IT Security service offerings.

Red Hat released multiple security updates in December for various Red Hat products.For a complete description of the vulnerabilities and affected systems go to Red Hat Security Advisories.IT SecurityRead more about IT Security service offerings.

Suse released multiple security updates in December for various Suse products.For a complete description of the vulnerabilities and affected systems go to Suse Dec 2024 Archives by date.IT SecurityRead more about IT Security service offerings.