US-CERT Blog Alerts

AA19-168A: Microsoft Operating Systems BlueKeep Vulnerability

Posted on Monday June 17, 2019

Summary

The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this Activity Alert to provide information on a vulnerability, known as "BlueKeep," that exists in the following Microsoft Windows Operating Systems (OSs), including both 32- and 64-bit versions, as well as all Service Pack versions:

 

AA19-122A: New Exploits for Unsecure SAP Systems

Posted on Thursday May 02, 2019

Summary

The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this activity alert in response to recently disclosed exploits that target unsecure configurations of SAP components. [1]

 

AA19-024A: DNS Infrastructure Hijacking Campaign

Posted on Thursday January 24, 2019

Summary

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), is aware of a global Domain Name System (DNS) infrastructure hijacking campaign. Using compromised credentials, an attacker can modify the location to which an organization's domain name resources resolve. This enables the attacker to redirect user traffic to attacker-controlled infrastructure and obtain valid encryption certificates for an organization's domain names, enabling man-in-the-middle attacks.

 

AA18-337A: SamSam Ransomware

Posted on Monday December 03, 2018

Summary

The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) and the Federal Bureau of Investigation (FBI) are issuing this activity alert to inform computer network defenders about SamSam ransomware, also known as MSIL/Samas.A. Specifically, this product shares analysis of vulnerabilities that cyber actors exploited to deploy this ransomware. In addition, this report provides recommendations for prevention and mitigation.

 

TA18-331A: 3ve - Major Online Ad Fraud Operation

Posted on Tuesday November 27, 2018

This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). DHS and FBI are releasing this TA to provide information about a major online ad fraud operation - referred to by the U.S. Government as "3ve" - involving the control of over 1.7 million unique Internet Protocol (IP) addresses globally, when sampled over a 10-day window.

 

AA18-284A: Publicly Available Tools Seen in Cyber Incidents Worldwide

Posted on Thursday October 11, 2018

Summary

This report is a collaborative research effort by the cyber security authorities of five nations: Australia, Canada, New Zealand, the United Kingdom, and the United States.[1][2][3][4][5]

 

Page:   123

Celebrating 35+ Years

Managed Internet Connections

Contact Us

Microsoft Windows Server 2012, Windows 7/Windows Server 2008/Office 2010 - End of Life