Blog Posts Tagged with "CERT"
Breaches: Digital Transparency, WARPs, and Collective Intelligence
September 19, 2012 Added by:Christopher Laing
For collective intelligence directed at security breaches, I would argue, that an effective means of transparently sharing details without fear of recrimination and embarrassment would greatly reduce the impact of such breaches. Fine idea, but how can this be achieved?
Comments (0)
Over Ten Percent of Fortune 500 Still Infected by DNSChanger
June 29, 2012 Added by:Headlines
US-CERT "encourages users and administrators to utilize the FBI's rogue DNS detection tool to ensure their systems are not infected with the DNSChanger malware. Computers testing positive for infection of the DNSChanger malware will need to be cleaned of the malware to ensure continued Internet connectivity..."
Comments (0)
US Cybersecurity Capability: National Preparedness Report
May 07, 2012 Added by:Pierluigi Paganini
Cybersecurity is identified as a priority issue to enhance the efficiency of prevention and incident response. The report invites federal and private sector partners to accelerate initiatives to enhance data collection, detect events, raise awareness, and respond to incidents...
Comments (0)
The CERT Guide to Insider Threats
May 07, 2012 Added by:Ben Rothke
While there are many books on important security topics such as firewalls, encryption, identity management and more, The CERT Guide to Insider Threats is the one of the first to formally tackle the devastating problem of trusted insiders who misappropriate data...
Comments (0)
Cybersecurity at the International Level
May 02, 2012 Added by:Headlines
Countries are drafting policies to combat cyber attacks, but what can be done on the multilateral level since the digital world routinely ignores national boundaries? So far, international initiatives are plagued by the lack of frameworks, institutions and procedures...
Comments (0)
Oracle Releases Critical Patch Updates for April 2012
April 18, 2012 Added by:Headlines
Oracle has released its Critical Patch Update for April 2012 to address 88 vulnerabilities across multiple products. US-CERT encourages users and administrators to review the April 2012 Critical Patch Update and apply any necessary updates to help mitigate the risks...
Comments (0)
Apple: Critical Update for Java for OS X Lion and Mac OS X
April 04, 2012 Added by:Headlines
"Vulnerabilities exist in Java 1.6.0_29, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution..."
Comments (0)
Cisco Releases Multiple Security Advisories
March 15, 2012 Added by:Headlines
The Cisco AnyConnect ActiveX control contains a buffer overflow vulnerability which can allow a remote attacker to convince a user to view a specially crafted HTML document, and the attacker may be able to then execute arbitrary code...
Comments (0)
Apple Releases Multiple Security Updates
March 09, 2012 Added by:Headlines
Apple has released security updates for Apple iOS, Apple TV, and iTunes to address multiple vulnerabilities which may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or bypass security restrictions...
Comments (0)
Cisco Released Multiple Security Advisories
March 02, 2012 Added by:Infosec Island Admin
Cisco has released six security advisories this week to address vulnerabilities that may allow an attacker to execute arbitrary code, cause a denial-of-service condition, operate with escalated privileges and bypass security restrictions...
Comments (0)
US CERT Advisory on DNSChanger Malware
February 27, 2012 Added by:Infosec Island Admin
US-CERT encourages users and administrators to utilize the FBI's rogue DNS detection tool to ensure their systems are not infected with the DNSChanger. Computers testing positive for infection of the malware will need to be cleaned to ensure continued Internet connectivity...
Comments (0)
Reflections on Suits and Spooks DC
February 16, 2012 Added by:Jeffrey Carr
We should re-assess which attacks should be investigated and which should be let go. The FBI and US-CERT are overwhelmed with tracking everything from probes against government networks to DDoS attacks to targeted attacks against the Defense Industrial Base...
Comments (0)
Microsoft Issues Updates for Multiple Product Vulnerabilities
February 15, 2012 Added by:Headlines
Microsoft released updates to address vulnerabilities in Windows, Internet Explorer, Microsoft .NET Framework, Silverlight, Office, and Microsoft Server Software that could allow attackers to execute arbitrary code, cause a denial of service, or gain unauthorized access...
Comments (0)
Tax Season Phishing Scams and Malware Campaigns
February 09, 2012 Added by:Headlines
Due to the upcoming tax deadline, US-CERT reminds users to remain cautious when receiving unsolicited email that could be part of a potential phishing scam or malware campaign. These messages may appear to be from the IRS and ask users to submit personal information...
Comments (0)
Apple Releases Multiple OS X Lion Security Updates
February 03, 2012 Added by:Headlines
Apple has released security updates for Apple OS X Lion 10.7 to 10.7.2, OS X Lion Server 10.7 to 10.7.2, Mac OS 10.6.8, and Mac OS X Server v 10.6.8 to address multiple vulnerabilities that may allow an attacker to execute arbitrary code, a denial-of-service, and bypass security...
Comments (0)
US-CERT Warns of Denial-of-Service Malware Campaign
January 26, 2012 Added by:Headlines
US-CERT has received reports of attacks using malware-laden email attachments. The advisory comes one week after multiple DDoS attacks were launched against entertainment industry and US government websites by Anonymous supporters in an operation dubbed OpMegaupload...
Comments (0)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)