Mailing Lists & Feeds
Current Activity Calendar
| October 31, 2007 - Current ActivityThis is an archived copy of current activity, if you would like to see the most recent version, please click here.Federal Trade Commission Spoofed Emailadded October 30, 2007 at 11:18 am | updated October 31, 2007 at 08:09 am
US-CERT is aware of fraudulent email messages purporting to be from the Federal Trade Commission's (FTC) "Fraud Department". These messages refer to a complaint filed against the email's recipient and appear to be from "frauddep@ftc.gov". The email messages contain a link to malicious software and should not be followed. Please see the Federal Trade Commission website for additional information.
Active Exploitation of Microsoft Windows URI Protocol Handling Vulnerabilityadded October 26, 2007 at 03:15 pm
Microsoft has released a revision to Microsoft Security Advisory (943521), which was previously reported by US-CERT in the Microsoft Windows URI Protocol Handling Vulnerability Current Activity. This revision states that because of an active exploitation the severity rating has been increased.
New Storm Worm Variant Disables Security Softwareadded October 26, 2007 at 03:15 pm
US-CERT is aware of a new Storm Worm variant. Functionality in this variant can cause certain types of programs, including anti-virus and network access control programs, to appear as if they are functioning correctly, though the process(es) have been disabled by the worm.
California Wildfires Spawn Phishing Sitesadded October 26, 2007 at 03:15 pmUS-CERT has received reports of multiple phishing sites that attempt to trick users into donating funds to fraudulent foundations in the aftermath of the California Wildfires. US-CERT warns users to expect an increase in targeted phishing emails due to the recent events in California. Phishing emails may appear as requests from a charitable organization asking the users to click on a link that will then take them to a fraudulent site that appears to be a legitimate charity. The users are then asked to provide personal information that can further expose them to future compromises. Users are encouraged to take the following measures to protect themselves from this type of phishing attack:
RealNetworks Issues Security Update for RealPlayer Vulnerabilityadded October 20, 2007 at 02:32 pm | updated October 24, 2007 at 01:31 pm
RealNetworks has issued a Security Update to address the previously reported buffer overflow vulnerability in RealPlayer. This vulnerability could allow an attacker to execute arbitrary code on an affected system by enticing a user to view a specially crafted HTML document. Active Exploitation of Vulnerabilities in Adobe Acrobat and Adobe Readeradded October 23, 2007 at 02:28 pm | updated October 24, 2007 at 01:18 pm
US-CERT is aware of active exploitation of a previously reported vulnerability in Adobe Acrobat, Adobe Reader, and other Adobe PDF products. Adobe has released an update and provided a workaround to address this vulnerability. Active Exploitation of a Vulnerability in RealPlayeradded October 19, 2007 at 10:29 am
US-CERT is aware of active exploitation of a buffer overflow vulnerability in RealPlayer. This vulnerability affects RealPlayer version 9 and later, and may allow an attacker to execute arbitrary code on an affected system. |
||||||||||||||||||||||||||||||||||||||||||||||||
Information For
Sign Up
Reporting
DHS Threat Advisory
The threat level in the airline sector is High or Orange. Read more
Get Adobe Reader