The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
US-CERT is aware of public reports of a phishing attack that specifically targets US government and military officials' Gmail accounts. The attack arrives via an email sent from a spoofed address of an individual or agency known to the targeted user. The email contains a "view download" link that leads to a fake Gmail login page. The login information is then sent to an attacker. Google has indicated that this phishing campaign has been disrupted and that affected parties have been notified.
US-CERT encourages users and administrators to do the following to help mitigate the risks:
Apple has released Security Update 2011-003 for Mac OS X in response to the recent Mac fake anti-virus software. This update:
- adds a malware definition to the File Quarantine application
- causes the File Quarantine application to automatically update its malware definition list daily
- removes MacDefender fake anti-virus software if detected
The Internet System Consortium has released updates for BIND to address a vulnerability in BIND versions 9.4-ESV-R3 and later, 9.6-ESV-R2 and later, 9.6.3, 9.7.1 and later, and 9.8.0 and later. Exploitation of this vulnerability may allow an attacker to cause a denial-of-service condition. Additional information regarding this vulnerability can be found in US-CERT Vulnerability Note VU#795694.
US-CERT encourages users and administrators to review CVE-2011-1910 and apply the respective patches to help mitigate the risks. Since BIND is often packaged in larger third-party applications or operating system distributions, users and administrators should check with their software vendors for updated versions.