
  • April 24, 2007 - Current Activity

    This is an archived copy of current activity. If you would like to see the most recent version, please click here.

    April 24 - Vulnerability Involving Apple QuickTime and Java
    April 20 - New Attack Technique for ARM Architecture
    April 20 - Multiple Vulnerabilities in MIT Kerberos 5
    April 20 - Apple Releases Security Update to Address Multiple Vulnerabilities in Various Products
    April 19 - Oracle Releases Critical Patch Update for April 2007
    April 17 - Virginia Tech Tragedy May Spawn Phishing Sites
    April 17 - New Rinbot Variant Attempting to Exploit Microsoft Windows DNS RPC Vulnerability



    Vulnerability Involving Apple QuickTime and Java

    added April 24, 2007 at 04:07 pm

    US-CERT is aware of a new vulnerability involving Apple QuickTime and Java. Any platform supporting QuickTime and Java may be affected. Details about the vulnerability are currently limited; however, it is reported that disabling Java will protect users.

    US-CERT recommends users follow the Securing Your Web Browser document to disable Java.

    US-CERT will continue to investigate this vulnerability and provide more information as it becomes available.


    New Attack Technique for ARM Architecture

    added April 20, 2007 at 12:00 pm

    US-CERT is aware of a new attack technique presented at CanSecWest and Black Hat Amsterdam. This technique affects devices that use the ARM (including XScale) architecture, such as routers, wireless access points and mobile phones. The technique demonstrates that a vulnerability that results in a NULL pointer dereference can be used to execute arbitrary code.

    US-CERT has been working with vendors to inform them of this attack technique and provide mitigation strategies.

    US-CERT will continue to investigate and provide additional information as it becomes available.


    Multiple Vulnerabilities in MIT Kerberos 5

    added April 19, 2007 at 05:00 pm | updated April 20, 2007 at 09:00 am

    US-CERT is aware of multiple vulnerabilities affecting the MIT Kerberos 5 implementation. The most severe of these vulnerabilities may allow a remote attacker to execute arbitrary code on a Key Distribution Center (KDC), which may result in a compromise of the Kerberos key database.

    More information about these vulnerabilities can be found in the following:

    US-CERT recommends users apply the patches as described in MIT krb5 Security Advisories 2007-001, 2007-002, and 2007-003.


    Apple Releases Security Update to Address Multiple Vulnerabilities in Various Products

    added April 19, 2007 at 12:00 am | updated April 20, 2007 at 08:43 am

    Apple has released Security Update 2007-004 to address multiple vulnerabilities in various products. The impacts of these vulnerabilities include arbitrary code execution, privilege escalation, SYSTEM level access, information disclosure, and denial of service.

    More information about these vulnerabilities is located in the Vulnerability Notes Database and Technical Cyber Security Alert TA07-109A.

    US-CERT encourages users to apply the appropriate updates as soon as possible.


    Oracle Releases Critical Patch Update for April 2007

    added April 18, 2007 at 12:00 am | updated April 19, 2007 at 08:33 am

    Oracle has released the Oracle Critical Patch Update (CPU) for April 2007. This update contains 36 new security fixes for multiple vulnerabilities in various Oracle products and components. The impacts of these vulnerabilities vary depending on the product, component, and configuration of the system. Potential consequences include the execution of arbitrary code or commands, disclosure of sensitive information, and denial of service.

    More information is available in the Critical Patch Update for April 2007.

    We strongly encourage Oracle administrators to review, test, and install the patches within the April 2007 CPU.


    Virginia Tech Tragedy May Spawn Phishing Sites

    added April 17, 2007 at 12:30 pm

    In recent years, US-CERT has received reports of an increased number of phishing sites set up in the wake of tragedies and natural disasters. US-CERT reminds users to remain cautious when receiving unsolicited email that could be a potential phishing attempt. 

    Phishing emails may appear as requests for donations from a charitable organization asking the users to click on a link that will then take them to a fraudulent web site that appears to be a legitimate charity. The users are then asked to provide personal information that can further expose them to future compromises. 

    Users are encouraged to take the following measures to protect themselves from this type of phishing attack:

    • Do not follow unsolicited web links received in email messages.
    • Contact your financial institution immediately if you believe your account and/or financial information has been compromised.
    • Verify the legitimacy of the email by contacting the company directly through a trusted contact number.
    • Visit the Anti-Phishing Working Group for more information on known phishing attacks.

    For additional information regarding phishing, US-CERT recommends reading the following documents:

    1. Technical Trends in Phishing Attacks
    2. Recognizing and Avoiding Email Scams
    3. Avoiding Social Engineering and Phishing Attacks

    New Rinbot Variant Attempting to Exploit Microsoft Windows DNS RPC Vulnerability

    added April 17, 2007 at 11:30 am

    US-CERT is aware of a new variant of the Rinbot worm that is currently scanning for port 1025/tcp and attempting to exploit the recent buffer overflow vulnerability in the Microsoft Windows DNS service RPC management interface. Like other variants of Rinbot, this variant is an Internet Relay Chat controlled backdoor that may provide an attacker unauthorized remote access to a compromised machine.

    US-CERT recommends the following actions to help mitigate the security risks:

    • Install anti-virus software, and keep its virus signature files up to date.
    • Review Microsoft Security Advisory 935964 for additional information and workarounds.