Skip to content

Home  |   FAQ  |   Contact  |   Privacy & Use

customize
Current Activity Calendar
Left Arrow
August 2008
 Right Arrow
Su M Tu W Th F Sa
          1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
31
Please click on a date above to see current activity for that day.

  • Latest Current Activity
    •

    August 06, 2008 - Current Activity

    This is an archived copy of current activity, if you would like to see the most recent version, please click here.

    August 6Oracle Releases Patch for WebLogic Plug-in Vulnerability
    August 5Malware Targeting Adobe Flash Player
    August 4CA ARCserve Backup for Laptops and Desktops Server vulnerability
    August 4Internet System Consortium releases BIND -P2 patches
    August 1Apple Releases Security Update 2008-005
    July 31Airline E-ticket Email Attack
    July 31AVG Releases Update
    July 29New Storm Worm Activity Spreading
    July 29Oracle Releases Security Advisory for WebLogic Plug-in Vulnerability
    July 28RealPlayer Releases Update


    Oracle Releases Patch for WebLogic Plug-in Vulnerability

    added August 6, 2008 at 01:09 pm

    Oracle has released a patch to address a previously disclosed vulnerability in the WebLogic plug-in for Apache. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition.

    US-CERT encourages users to consider applying the patch and workarounds referenced in the Oracle Security Advisory and in Vulnerability Note VU#716387.


    Malware Targeting Adobe Flash Player

    added August 5, 2008 at 12:43 pm

    Adobe has issued a Security Bulletin warning of malware spreading via a fraudulent Flash Player installer. Adobe warns that a worm is making fraudulent posts on social networking sites. These posts include links that lead to fake sites that prompt users to update their versions of Flash Player. If users attempt to use the installer to make the update, malware may be downloaded and installed onto their systems.

    US-CERT urges users and administrators to take the following preventative measures to help mitigate the security risks:


    CA ARCserve Backup for Laptops and Desktops Server vulnerability

    added August 4, 2008 at 11:35 am

    US-CERT is aware of a vulnerability that affects CA ARCserve Backup for Laptops and Desktops. This vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition on the server.

    More information regarding this vulnerability can be found in the CA Security Advisory "Security Notice for CA ARCserve Backup for Laptops and Desktops Server LGServer" document.

    US-CERT recommends that users upgrade to the latest versions to help mitigate the security risks.


    Internet System Consortium releases BIND -P2 patches

    added August 4, 2008 at 11:35 am

    The Internet System Consortium has released updates for BIND to address performance and stability issues.

    US-CERT recommends that administrators of this product apply the respective patches for BIND 9.5.0-P2, BIND 9.4.2-P2 and BIND 9.3.5-P2 or check with their software vendor for updated versions.


    Apple Releases Security Update 2008-005

    added August 1, 2008 at 08:17 am

    Apple has released Security Update 2008-005 to address multiple vulnerabilities that affect a number of applications. These vulnerabilities may allow an attacker to conduct DNS cache poisoning attacks, execute arbitrary code, cause a denial-of-service condition, or access the affected system with elevated privileges. Please note that this update addresses recent issues with weaknesses in common DNS implementations; see Vulnerability Note VU#800113 for additional information.

    US-CERT encourages users to review Apple Article HT2647 and apply any necessary updates as soon as possible to help mitigate the risks.


    Airline E-ticket Email Attack

    added July 31, 2008 at 09:15 am

    US-CERT is aware of public reports indicating that a new email attack is circulating. This attack uses email messages that appear to be from legitimate airlines and contain information about a bogus e-ticket. These email messages instruct the user to open the attachment to obtain the e-ticket. If a user opens this attachment, a file may be executed to infect the user's system with malicious code.

    Reports, including a posting by Sophos, indicate that these messages have the following characteristics. Please note that these attributes may change at any time.

    • The subject line "E-Ticket#XXXXXXXXXX"
    • An attachment named "eTicket#XXXX.zip"
    US-CERT encourages users and administrators to take the following preventative measures to help mitigate the security risks:


    AVG Releases Update

    added July 31, 2008 at 08:06 am

    AVG has released version 8.0.156 to address multiple issues. Some of these issues could allow an attacker to cause a crash, resulting in a denial-of-service condition. This version also reduces the amount of incidental traffic generated by the program when searching on particular websites.

    US-CERT encourages users to review the AVG Program update and apply any necessary updates to help mitigate the risks.


    New Storm Worm Activity Spreading

    added July 29, 2008 at 09:41 am

    US-CERT is aware of public reports of a new Storm Worm Campaign. The latest campaign is centered around messages related to the Federal Bureau of Investigation and Facebook. This Trojan horse virus is spread via an unsolicited email message that contains a link to a malicious website. This website contains a link, that when clicked, may run the executable file "fbi_facebook.exe" to infect the user's system with malicious code.

    Reports, including a posting by Sophos, indicate the following email subject lines are being used. Please note that subject lines can change at any time.

    • F.B.I. may strike Facebook
    • F.B.I. watching us
    • The FBI's plan to "profile" Facebook
    • The FBI has a new way of tracking Facebook
    • F.B.I. are spying on your Facebook profiles
    • F.B.I. busts alleged Facebook
    • Get Facebook's F.B.I. Files
    • Facebook's F.B.I. ties
    • F.B.I. watching you
    US-CERT encourages users and administrators to take the following preventative measures to help mitigate the security risks:


    Oracle Releases Security Advisory for WebLogic Plug-in Vulnerability

    added July 29, 2008 at 07:52 am

    Oracle has released a Security Advisory to address a vulnerability in the WebLogic plug-in for Apache. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to compromise the confidentiality or integrity of WebLogic Server applications or cause a denial-of-service condition. The advisory indicates that exploit code for this vulnerability is publicly available.

    US-CERT encourages users to review the Oracle Security Advisory and implement the workarounds listed in the document to help mitigate the risks. At this time, a patch or update is not available.

    US-CERT will provide additional information as it becomes available.


    RealPlayer Releases Update

    added July 28, 2008 at 07:52 am

    RealNetworks has released an update to address multiple vulnerabilities in RealPlayer. These vulnerabilities may allow an attacker to execute arbitrary code or obtain sensitive information. RealNetworks identifies the vulnerabilities as the following:

    • RealPlayer ActiveX controls property heap memory corruption.
    • Local resource reference vulnerability in RealPlayer.
    • RealPlayer SWF file heap-based buffer overflow.
    • RealPlayer ActiveX import method buffer overflow.
    US-CERT encourages users to review the RealNetworks advisory and apply the appropriate updates to help mitigate the risk.