Alerts and Advisories
Latest Alert - September 14, 2021
ALERT : Apply Apple emergency patch immediately
Affected operating systems : iOS 14.8 and iPadOS 14.8, watchOS 7.6.2, MacOS Big Sur 11.6
Users of Apple devices are encouraged to update their operating systems immediately to the latest release in order to protect against a zero-day exploit that requires little or no user interaction. This exploit, known as FORCEDENTRY, may allow for arbitrary code execution, including the installation of spyware. Apple is aware that this may have been actively exploited.
For more information ...
Latest Advisory - January 22, 2021
Current Advisory: NitroPDF Breach
All Versions of NitroPDF
Nitro Software announced that they had suffered a data breach on 28 September 2020. According to BleepingComputer, “The 14GB leaked database contains 77,159,696 records with users' email addresses, full names, bcrypt hashed passwords, titles, company names, IP addresses, and other system-related information.” See the full article at … https://www.bleepingcomputer.com/news/security/hacker-leaks-full-database-of-77-million-nitro-pdf-user-records/
The database has been added to the HaveIBeenPwned service at https://haveibeenpwned.com where you can search to see if your email address is included in the list of breached user accounts.
Note that the NitroPDF breach contained hashed passwords, not passwords in plain text. However, if your email address is indicated as being included in the NitroPDF breach, it is recommended to change your password, as well as to implement additional password security such as Multi-Factor Authentication.
Published on and maintained in Cascade.