Current Activity Calendar

	November 2007
Su	M	Tu	W	Th	F	Sa
				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30

Please click on a date above to see current activity for that day.

November 21, 2007 - Current Activity

This is an archived copy of current activity, if you would like to see the most recent version, please click here.

*November 21*	iFrame Attack Affects Monster.com
*November 20*	Department of Justice Fraudulent Spam Email Variant
*November 19*	Trojan Spreading via MSN Messenger
*November 15*	Mac OS X Leopard Firewall Changes
*November 15*	Apple Releases Security Updates to Address Multiple Vulnerabilities
*November 15*	False Microsoft Update Emails Circulating
*November 13*	Microsoft Releases November Security Bulletins

iFrame Attack Affects Monster.com

added November 21, 2007 at 10:42 am

US-CERT is aware of an iFrame attack that affected Monster.com, causing it to take down a portion of its web site yesterday. Attackers embedded malicious iFrames that redirected users to another web site that when visited, could download and install malware on the user's system.

Monster.com has sanitized its web site and restored the portions of the site it had taken down. Monster.com believes that only a very small percentage of those visiting during this time were potentially infected. In addition, Monster.com has stated that users running Windows with the most recent updates applied were not affected.

US-CERT urges users and administrators to take the following preventative measures to help mitigate the security risks:

Configure your web browser as described in the Securing Your Web Browser document.
Install anti-virus software, and keep its virus signature files up-to-date.
Install latest versions of software to ensure that is is up-to-date

Department of Justice Fraudulent Spam Email Variant

added November 20, 2007 at 09:26 am

US-CERT is aware of reports of a variant of spam e-mail messages claiming to be from the Department of Justice (DOJ), previously reported in "Justice Depart Warns Public of Fraudulent Spam Email." These messages contain a malicious attachment that supposedly contains information regarding complaints filed against the recipient's company with the DOJ. The attachment launches malware on the user's system when opened.

To help protect against this type of attack, US-CERT recommends that users never open attachments from unsolicited email messages. More information on how to safely utilize email attachments can be found in the US-CERT "Using Caution with Email Attachments" Cyber Security Tip.

Trojan Spreading via MSN Messenger

added November 19, 2007 at 11:12 am

US-CERT is aware of reports of a Trojan spreading via MSN Messenger. The Trojan arrives as a chat message that appears to contain an image file, that when opened, downloads and installs a Internet Relay Chat Bot. These messages may appear to come from a known contact.

US-CERT urges users and administrators to take the following preventative measures to help mitigate the security risks:

Install anti-virus software, and keep virus signature files up-to-date.
Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.

Mac OS X Leopard Firewall Changes

added November 5, 2007 at 05:06 pm | updated November 15, 2007 at 02:35 pm

Apple's Mac OS X Leopard includes an application-based firewall feature. US-CERT is aware of ambiguities in the way the firewall components supplied with Leopard report the status of the firewall configuration. Users may be misinformed of the status of their firewall rule set, thus placing listening network services at an increased risk.

Apple has published Mac OS X v10.5.1 Update to address this issue. US-CERT encourages users to apply this update to mitigate this risk.

Apple Releases Security Updates to Address Multiple Vulnerabilities

added November 15, 2007 at 08:43 am | updated November 15, 2007 at 01:31 pm

Apple has released Mac OS X 10.4.11 and Security Update 2007-008 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or access the system with escalated privileges.

More information regarding the vulnerabilities and remediation information can be found in:

Technical Cyber Security Alert TA-07-319A
Vulnerability Notes Database
Apple Support Article ID: 307041

US-CERT strongly encourages users to review the bulletins and follow best-practice security policies to determine which updates should be applied.

False Microsoft Update Emails Circulating

added November 15, 2007 at 10:37 am

US-CERT is aware of false Microsoft Update email messages being publicly circulated. These messages contain multiple links that may direct a user to a malicious web site. The impact of following these links is currently unknown, more information will be provided as it becomes available.

US-CERT encourages users to take the following measures to protect themselves:

Do not follow unsolicited web links in email messages
Follow the Microsoft guidelines for recognizing fraudulent email messages

Microsoft Releases November Security Bulletins

added November 13, 2007 at 01:26 pm | updated November 13, 2007 at 03:23 pm

Microsoft has released updates to address vulnerabilities in Windows as part of the Microsoft Security Bulletin Summary for November 2007.

More information about these vulnerabilities can be found in Technical Cyber Security Alert TA07-317A.

US-CERT strongly encourages users to review the bulletins and follow best-practice security policies to determine which updates should be applied.

US-CERT: United States Computer Emergency Readiness Team

Information For

Sign Up

Reporting

DHS Threat Advisory