The following announcements highlight recent cybersecurity news including alerts, threats, vulnerabilities, and malicious activity. They also include up-to-date information on available updates and patches for your operating systems.
Published Apr 09, 2014
Certain OpenSSL versions contain a critical vulnerability which may allow a malicious actor to obtain sensitive or private information. See the '"Heartbleed" OpenSSL Vulnerability' Technical Publication, TA14-098A, and VU#720951 for details and recommended actions.
Published Feb 12, 2014
The Critical Infrastructure Cyber Community Voluntary Program, or C³ (pronounced "C Cubed") Voluntary Program, is an innovative public-private partnership, to help connect companies, as well as Federal, State, local, tribal, and territorial partners, to DHS and other Federal government programs and resources that will assist their efforts in managing their cyber risks.
Published Feb 04, 2014
Cyber criminals are targeting consumer information entered in Point of Sale (POS) systems. This alert, released on January 2, 2014, describes the methods used in POS targeting and provides best practices, as well as consumer remediation suggestions that can assist in preventing unauthorized access to POS systems.
Published Jan 29, 2014
NCCIC has recently published a DDoS Quick Guide. This guide contains possible DDoS attack methods per OSI layer, potential impact and the applicable recommended mitigation strategies as well as relevant hardware. This report also provides possible DDoS traffic type descriptions.