Mozilla Releases Security Update for Thunderbird

Original release date: October 24, 2019

Mozilla has released a security update to address vulnerabilities in Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 68.2 and apply the necessary update.

This product is provided subject to this Notification and this Privacy & Use policy.

FBI Expands Election Security Resources

Original release date: October 24, 2019

The Federal Bureau of Investigation (FBI) has released additional election security resources as part of the Protected Voices initiative. Created in partnership with FBI, the Department of Homeland Security, and the Office of the Director of National Intelligence, Protected Voices is an effort to share resources, information, and tools to help mitigate the risk of cyber influence operations targeting U.S. elections.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages political campaigns and the American public to review FBI’s article on Protecting Every Voice, the Protected Voices suite of resources, and CISA’s Tip on Best Practices for Securing Elections Systems.

This product is provided subject to this Notification and this Privacy & Use policy.

NCSC Releases 2019 Annual Review

Original release date: October 24, 2019

The United Kingdom's (UK) National Cyber Security Centre (NCSC) has released its Annual Review for 2019, which reports their work and key accomplishments from September 1, 2018, to August 31, 2019. NCSC provides enhanced services to protect the UK against cybersecurity threats.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review NCSC’s 2019 Annual Review for more information.

 

This product is provided subject to this Notification and this Privacy & Use policy.

EOL D-Link Routers Vulnerable to Remote Command Execution

Original release date: October 24, 2019

The CERT Coordination Center (CERT/CC) has released information on a vulnerability (CVE-2019-16920) affecting multiple D-Link routers. A remote attacker could exploit this vulnerability to take control of an affected device.

D-Link no longer provides support to the affected end-of-life (EOL) devices, and updates will not be made available. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Vulnerability Note VU#766427 and replace any affected device with one currently supported by the vendor.

This product is provided subject to this Notification and this Privacy & Use policy.