IC3 Warns of Business Email Compromise Scams

Original release date: July 13, 2018 The Internet Crime Complaint Center (IC3) has released an alert on business email compromise scams. This type of scam targets businesses and individuals by using social engineering or computer intrusion to compromise legitimate email accounts and conduct unauthorized fund transfers or obtain personally identifiable information. NCCIC encourages businesses and individuals to refer to the IC3 Alert and the NCCIC Tip on Avoiding Social Engineering…

July 14, 2018
Read More >>

ISC Releases Security Advisory for Kea DHCP

Original release date: July 12, 2018 The Internet Systems Consortium (ISC) has released a security advisory that addresses a memory leak vulnerability in Kea DHCP 1.4.0. A remote attacker could exploit this vulnerability to cause a denial-of-service condition.   NCCIC encourages users and administrators to review ISC Knowledge Base Article AA-01626 and apply the necessary update or workaround.                       This…

July 12, 2018
Read More >>

Microsoft Releases July 2018 Security Updates

Original release date: July 10, 2018 Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Microsoft’s July 2018 Security Update Summary and Deployment Information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy. Source: https://www.us-cert.gov

July 10, 2018
Read More >>

CIS Releases 2017 Year in Review

Original release date: July 06, 2018 The Center for Internet Security (CIS) has released its 2017 Year in Review. CIS is home to the Multi-State Information Sharing and Analysis Center (MS-ISAC), an NCCIC partner focused on cyber threat prevention, protection, response, and recovery for U.S. state, local, tribal, and territorial government entities. The review highlights CIS’s role in improving cyber defense and MS-ISAC’s advances in membership, monitoring, cyber education, and…

July 7, 2018
Read More >>

Apple Releases Security Update for Boot Camp

Original release date: July 06, 2018 Apple has released a security update to address vulnerabilities in Wi-Fi for Boot Camp 6.4.0. An attacker could exploit these vulnerabilities to obtain access to sensitive information. NCCIC encourages users and administrators to review Apple’s security page for Wi-Fi Update for Boot Camp 6.4.0 and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy. Source:…

July 6, 2018
Read More >>

Global Threats to Information Systems

Original release date: June 21, 2018 The advanced capabilities of organized hacker groups and cyber threat actors are an increasing global threat to information systems. Rising threat levels place more demands on cybersecurity personnel and network administrators to protect information systems. Protecting network infrastructure is critical to preserving the confidentiality, integrity, and availability of communication and services across an enterprise. Cyber campaigns—such as NotPetya—are examples of increasingly advanced threat actor…

June 21, 2018
Read More >>

FTC, Partners Help Small Businesses Stop Scams

Original release date: June 18, 2018 The Federal Trade Commission (FTC) has launched Operation Main Street, an effort with the Better Business Bureau (BBB) and law enforcement to educate small business owners on how to stop scams targeting their businesses. Accordingly, FTC released Scams and Your Small Business, a guide for businesses detailing how to avoid, identify, and report scams. NCCIC encourages business owners and other consumers to review the…

June 19, 2018
Read More >>

US Government warns of more North Korean malware attacks

June 18, 2018

Just days after the two countries signed a joint agreement at their unprecedented talks, the US Department of Homeland Security has issued a warning about more malware being used by the North Korean government against US organisations. Read more in my article on the Hot for Security blog. Source: https://www.grahamcluley.com

Read More >>

ISC Releases Security Advisory for BIND

Original release date: June 13, 2018 The Internet Systems Consortium (ISC) has released a security advisory that addresses a vulnerability affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit this vulnerability to obtain sensitive information. NCCIC encourages users and administrators to review the ISC Knowledge Base Article AA-01616 and apply the necessary workarounds. This product is provided subject to this Notification and this Privacy…

June 14, 2018
Read More >>

ISC Releases Security Advisory for BIND

Original release date: June 13, 2018 The Internet Systems Consortium (ISC) has released a security advisory that addresses a vulnerability affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit this vulnerability to obtain sensitive information. NCCIC encourages users and administrators to review the ISC Knowledge Base Article AA-01616 and apply the necessary workarounds. This product is provided subject to this Notification and this Privacy…

June 14, 2018
Read More >>