Category: alerts

Systems Affected   Systems running Microsoft Office XP and Outlook 2002   Overview   There is a vulnerability in Outlook 2002 that could allow attackers to take control of your computer.   Description   By taking advantage of the way Outlook interprets email links, an attacker may be able to gain control of your computer. Read more

Systems Affected   Systems running Microsoft Windows   Overview   Microsoft Windows contains multiple vulnerabilities, the most serious of which could allow attackers to take control of your computer.   Description   Microsoft’s updated Home User Security Bulletin for February 2004 describes more vulnerabilities in the Microsoft Windows operating system. Microsoft is tracking these issues Read more

Systems Affected   Check Point Firewall-1 NG FCS Check Point Firewall-1 NG FP1 Check Point Firewall-1 NG FP2 Check Point Firewall-1 NG FP3, HF2 Check Point Firewall-1 NG with Application Intelligence R54 Check Point Firewall-1 NG with Application Intelligence R55     Overview   Several versions of Check Point Firewall-1 contain a vulnerability that allows Read more

Systems Affected   Microsoft Windows systems running Internet Explorer 5.01 Internet Explorer 5.50 Internet Explorer 6 Previous versions that are no longer supported may also be affected.     Overview   Microsoft Internet Explorer (IE) contains multiple vulnerabilities, the most serious of which could allow attackers in any location to run programs of their choice Read more

Systems Affected   Any system running Microsoft Windows (Windows 95 and newer) that are used for reading email or accessing peer-to-peer file sharing services.   Overview   A new variant of the previously discovered MyDoom virus, MyDoom.B, has been identified. In addition to the common traits of email-borne viruses, this virus may prevent your computer Read more

Summary This report is a collaborative research effort by the cyber security authorities of five nations: Australia, Canada, New Zealand, the United Kingdom, and the United States.[1][2][3][4][5] In it we highlight the use of five publicly available tools, which have been used for malicious purposes in recent cyber incidents around the world. The five tools Read more

Summary The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) and the Federal Bureau of Investigation (FBI) are issuing this activity alert to inform computer network defenders about SamSam ransomware, also known as MSIL/Samas.A. Specifically, this product shares analysis of vulnerabilities that cyber actors exploited to deploy this ransomware. In addition, Read more

Summary The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), is aware of a global Domain Name System (DNS) infrastructure hijacking campaign. Using compromised credentials, an attacker can modify the location to which an organization’s domain name resources resolve. This enables the attacker to redirect user traffic Read more

Summary The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this activity alert in response to recently disclosed exploits that target unsecure configurations of SAP components. [1] Technical Details A presentation at the April 2019 Operation for Community Development and Empowerment (OPCDE) cybersecurity conference describes SAP systems with unsecure configurations exposed to the internet. Typically, Read more

Summary The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this Activity Alert to provide information on a vulnerability, known as “BlueKeep,” that exists in the following Microsoft Windows Operating Systems (OSs), including both 32- and 64-bit versions, as well as all Service Pack versions: Windows 2000 Windows Vista Windows XP Windows 7 Windows Server Read more