Current Activity Calendar

	January 2009
Su	M	Tu	W	Th	F	Sa
				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30	31

Please click on a date above to see current activity for that day.

January 30, 2009 - Current Activity

This is an archived copy of current activity, if you would like to see the most recent version, please click here.

*January 30*	Novell Releases Updates for GroupWise
*January 29*	Malicious Code Spreading Via Valentine's Day Spam
*January 23*	Apple Releases QuickTime 7.6
*January 23*	Cisco Releases Security Advisory for Cisco Security Manager
*January 23*	Widespread Infection of Win32/Conficker/Downadup Worm
*January 16*	Symantec Releases Security Advisory
*January 15*	Spam, Phishing, and Malware Related to Presidential Inauguration
*January 15*	Cisco Releases Security Advisory for IronPort Encryption Appliance and IronPort PXE Encryption product
*January 13*	Oracle Releases Critical Patch Update for January 2009
*January 13*	Microsoft Releases January Security Bulletin

Novell Releases Updates for GroupWise

added January 30, 2009 at 11:53 am

Novell has released updates for GroupWise 7 and 8 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, compromise a GroupWise account, conduct cross-site scripting attacks, or obtain sensitive information.

US-CERT encourages users to review the Novell download page and apply the appropriate patch to help mitigate the risks.

Malicious Code Spreading Via Valentine's Day Spam

added January 29, 2009 at 12:55 pm

US-CERT is aware of public reports of malicious code circulating via spam email messages related to Valentine's Day. These messages contain a link to a website that contains several images of hearts and instructs users to choose one image. If users click on one of the images, they will be prompted to download an executable file. Reports indicate that the executable files could be named: youandme.exe, onlyyou.exe, you.exe, and meandyou.exe (please note that these file names may change at any time). If users accept the download, malicious code may be installed onto their systems.

US-CERT encourages users and administrators to take the following preventative measures to help mitigate the security risks:

Install antivirus software, and keep virus signatures up to date.
Do not follow unsolicited links and do not open unsolicited email messages.
Use caution when visiting untrusted websites.
Use caution when downloading and installing applications.
Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.

Apple Releases QuickTime 7.6

added January 23, 2009 at 06:47 pm

Apple has released QuickTime 7.6, for both Windows and Mac OS X systems, to address multiple vulnerabilities. These vulnerabilities may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition.

US-CERT encourages users to review Apple Article HT3403 and upgrade to QuickTime 7.6.

Cisco Releases Security Advisory for Cisco Security Manager

added January 23, 2009 at 06:47 pm

Cisco Security Advisory cisco-sa-20090121-csm was released to address a vulnerability that occurs in Cisco Security Manager when it is used in conjunction with Cisco IPS Event Viewer. This vulnerability may allow an unauthenticated, remote attacker to access the MySQL databases or IPS Event Viewer server.

US-CERT encourages users and administrators to review Cisco Security Advisory cisco-sa-20090121-csm and apply any necessary updates or workarounds to help mitigate the risks.

Widespread Infection of Win32/Conficker/Downadup Worm

added January 23, 2009 at 05:16 pm

US-CERT is aware of public reports indicating a widespread infection of the Win32/Conficker/Downadup worm. This worm exploits a previously patched vulnerability addressed in Microsoft Security Bulletin MS08-067. This worm attempts to propagate via multiple methods including removable media.

US-CERT strongly encourages users to review Microsoft Security Bulletin MS08-067 and update unpatched systems as soon as possible.

Additionally, US-CERT recommends that users take the following preventative measures to help mitigate the security risks:

Install antivirus software, and keep the virus signatures up to date.
Review the Microsoft Malware Protection Center blog entry for details regarding the worm.
Review the Using Caution with USB Drives Cyber Security Tip for more information on protecting removable media.

Symantec Releases Security Advisory

added January 16, 2009 at 08:55 am

Symantec has released a security advisory to address a vulnerability in the Symantec AppStream LaunchObj ActiveX control. By convincing a user to view a specially crafted HTML document, an attacker may be able to execute arbitrary code with the privileges of the user.

US-CERT encourages users to review Vulnerability Note VU#194505 and Symantec Security Advisory SYM09-001, apply the update, and follow the best practices provided in the advisory.

Spam, Phishing, and Malware Related to Presidential Inauguration

added January 15, 2009 at 11:11 am

US-CERT has received reports of an increased number of phishing sites and spam related to the upcoming Presidential Inauguration. US-CERT reminds users that phishing and spamming campaigns often coincide with highly publicized events. Users should remain cautious when receiving unsolicited email.

US-CERT encourages users and administrators to take the following preventative measures to help mitigate the security risks:

Install antivirus software, and keep the virus signatures up to date.
Do not follow unsolicited links and do not open unsolicited email messages.
Use caution when visiting untrusted websites.
Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.

Cisco Releases Security Advisory for IronPort Encryption Appliance and IronPort PXE Encryption product

added January 15, 2009 at 09:10 am

Cisco has released a Security Advisory to address multiple vulnerabilities in the IronPort Encryption Appliance and the IronPort PXE Encryption product. These vulnerabilities may allow an unauthorized attacker to view the contents of secure email messages or gain access to the IronPort Encryption Appliance administration interface.

US-CERT encourages users and administrators to review Cisco Security Advisory cisco-sa-20090114-ironport and apply the necessary updates listed.

Oracle Releases Critical Patch Update for January 2009

added January 13, 2009 at 04:08 pm

Oracle has released their Critical Patch Update for January 2009 to address 41 vulnerabilities across several products. This update contains the following security fixes:

10 updates for Oracle Database
1 update for Oracle Times Ten Data Server
9 updates for Oracle Secure Backup
4 updates for Oracle Application Server
1 update for Oracle Collaboration Suite
4 updates for Oracle Application Suite
1 update for Oracle Enterprise Manager
6 updates for PeopleSoft and JDEdwards Suite
5 updates for BEA Products Suite

US-CERT encourages users to review the January Critical Patch Update and apply any necessary updates.

Microsoft Releases January Security Bulletin

added January 13, 2009 at 02:09 pm

Microsoft has released the Microsoft Security Bulletin Summary for January 2009. Included in this bulletin is an update to address a vulnerability in Microsoft Windows. This vulnerability may allow an attacker to execute arbitrary code.

US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies to determine which updates should be applied.

US-CERT: United States Computer Emergency Readiness Team

Information For

Sign Up

Reporting

DHS Threat Advisory