U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

FTC Details the Top 10 Imposter Scams of 2014

The Federal Trade Commission (FTC) has released an advisory describing the top 10 reported imposter scams for 2014. Scam operators often impersonate individuals, companies, and organizations to entice targets to participate in fraudulent financial transactions.

Users are encouraged to review the FTC advisory for details and refer to the US-CERT Tip ST04-014 for information on social engineering and phishing attacks.

Cisco IPv6 Denial of Service Vulnerability

Cisco has identified a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service condition. The vulnerability is due to improper processing of malformed IPv6 packets carrying extension headers. Cisco Network Convergence System 6000 (NCS 6000) and Cisco Carrier Routing System X (CRS-X) running an affected version of Cisco IOS XR Software are affected by this vulnerability.

Users and administrators are encouraged to review the Cisco Advisory and apply the necessary updates.

Samba Remote Code Execution Vulnerability

Linux and Unix based operating systems employing Samba versions 3.5.0 through 4.2.0rc4 contain a vulnerability in the Server Message Block daemon (smbd). Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.

US-CERT recommends users and administrators refer to their respective Linux OS vendor(s) for an appropriate patch if affected. Patches are currently available from Debian, Red Hat, Suse, and Ubuntu. A Samba patch is available for experienced users and administrators to implement.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top