The following announcements highlight recent cybersecurity news including alerts, threats, vulnerabilities, and malicious activity. They also include up-to-date information on available updates and patches for your operating systems.
Published Jun 02, 2014
US-CERT has issued an alert describing the GameOver Zeus malware used by cybercriminals to collect banking information such as login credentials. This alert identifies the systems affected, the impact of the malware and possible solutions.
Published May 02, 2014
Malicious insider activity can have devastating impacts on an organization. The NCCIC has released a new publication on "Combating the Insider Threat" to assist your organization with containing this risk.
Published Apr 09, 2014
Certain OpenSSL versions contain a critical vulnerability which may allow a malicious actor to obtain sensitive or private information. See the '"Heartbleed" OpenSSL Vulnerability' Technical Publication, TA14-098A, and VU#720951 for details and recommended actions.
Published Feb 12, 2014
The Critical Infrastructure Cyber Community Voluntary Program, or C³ (pronounced "C Cubed") Voluntary Program, is an innovative public-private partnership, to help connect companies, as well as Federal, State, local, tribal, and territorial partners, to DHS and other Federal government programs and resources that will assist their efforts in managing their cyber risks.
Published Jan 29, 2014
NCCIC has recently published a DDoS Quick Guide. This guide contains possible DDoS attack methods per OSI layer, potential impact and the applicable recommended mitigation strategies as well as relevant hardware. This report also provides possible DDoS traffic type descriptions.