Mailing Lists & Feeds
Current Activity Calendar
| November 05, 2007 - Current ActivityThis is an archived copy of current activity, if you would like to see the most recent version, please click here.Possible Faults in Mac OS X Leopard Application-Based Firewalladded November 5, 2007 at 05:06 pm
US-CERT is aware of reports of possible flaws in the Application-Based Firewall in Mac OS X Leopard. According to these reports, users may be misinformed of the status of their firewall rule set, thus placing users with listening network services at an increased risk. Mac DNS Changer Trojanadded November 1, 2007 at 08:56 am
US-CERT is aware of a Mac DNS changer Trojan. If executed, this Trojan will change the DNS settings of a user's machine and then report back to a command and control server. The Trojan appears as a DMG archive file which, if downloaded and installed, will run the Trojan on a user's system.
Federal Trade Commission Spoofed Emailadded October 30, 2007 at 11:18 am | updated October 31, 2007 at 08:09 am
US-CERT is aware of fraudulent email messages purporting to be from the Federal Trade Commission's (FTC) "Fraud Department". These messages refer to a complaint filed against the email's recipient and appear to be from "frauddep@ftc.gov". The email messages contain a link to malicious software and should not be followed. Please see the Federal Trade Commission website for additional information.
Active Exploitation of Microsoft Windows URI Protocol Handling Vulnerabilityadded October 26, 2007 at 03:15 pm
Microsoft has released a revision to Microsoft Security Advisory (943521), which was previously reported by US-CERT in the Microsoft Windows URI Protocol Handling Vulnerability Current Activity. This revision states that because of an active exploitation the severity rating has been increased.
New Storm Worm Variant Disables Security Softwareadded October 26, 2007 at 03:15 pm
US-CERT is aware of a new Storm Worm variant. Functionality in this variant can cause certain types of programs, including anti-virus and network access control programs, to appear as if they are functioning correctly, though the process(es) have been disabled by the worm.
California Wildfires Spawn Phishing Sitesadded October 26, 2007 at 03:15 pmUS-CERT has received reports of multiple phishing sites that attempt to trick users into donating funds to fraudulent foundations in the aftermath of the California Wildfires. US-CERT warns users to expect an increase in targeted phishing emails due to the recent events in California. Phishing emails may appear as requests from a charitable organization asking the users to click on a link that will then take them to a fraudulent site that appears to be a legitimate charity. The users are then asked to provide personal information that can further expose them to future compromises. Users are encouraged to take the following measures to protect themselves from this type of phishing attack:
Active Exploitation of Vulnerabilities in Adobe Acrobat and Adobe Readeradded October 23, 2007 at 02:28 pm | updated October 24, 2007 at 01:18 pm
US-CERT is aware of active exploitation of a previously reported vulnerability in Adobe Acrobat, Adobe Reader, and other Adobe PDF products. Adobe has released an update and provided a workaround to address this vulnerability. |
||||||||||||||||||||||||||||||||||||||||||||||||||
Information For
Sign Up
Reporting
DHS Threat Advisory
The threat level in the airline sector is High or Orange. Read more
Get Adobe Reader