DNS Infrastructure Hijacking Campaign

Original release date: January 10, 2019 The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), is aware of a global Domain Name System (DNS) infrastructure hijacking campaign. Using compromised credentials, an attacker can modify the location to which an organization’s domain name resources resolves. This enables the attacker to redirect user traffic to attacker-controlled infrastructure and obtain valid encryption certificates for an…

January 11, 2019
Read More >>

CERT/CC Reports Critical Vulnerabilities in Microsoft Windows, Server

Original release date: January 04, 2019 The CERT Coordination Center (CERT/CC) has released information on vulnerabilities affecting versions of Microsoft Windows and Windows Server. A remote attacker could exploit these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review CERT/CC’s Vulnerability Notes VU#289907 and VU#531281 and Microsoft’s security advisories…

January 4, 2019
Read More >>

Securing New Devices

Original release date: December 28, 2018 During the holidays, internet-connected devices also known as Internet of Things (IoT) are often popular gifts—such as smart TVs, watches, toys, phones, and tablets. This technology provides a level of convenience to our lives, but it requires that we share more information than ever. The security of this information, and the security of these devices, is not always guaranteed. The National Cybersecurity and Communications Integration…

December 28, 2018
Read More >>

Bomb Threats Emailed Around the World

Original release date: December 13, 2018 The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Agency (CISA), is aware of a worldwide email campaign targeting businesses and organizations with bomb threats. The emails claim that a device will detonate unless a ransom in Bitcoin is paid. If you receive a bomb threat email, NCCIC recommends the following actions: Do not respond or try to contact…

December 14, 2018
Read More >>

SamSam Ransomware

Original release date: December 03, 2018 The Department of Homeland Security and the Federal Bureau of Investigation have identified cyber threat actors using SamSam ransomware—also known as MSIL/SAMAS.A—to target industries in the United States and worldwide. NCCIC encourages users and administrators to review Alert AA18-337A: SamSam Ransomware and Malware Analysis Reports AR18-337A, AR18-337B, AR18-337C, and AR18-337D for more information. This product is provided subject to this Notification and this Privacy…

December 3, 2018
Read More >>

Protecting Against Identity Theft

Original release date: November 29, 2018 As the holidays draw near, many consumers turn to the internet to shop for goods and services. Although online shopping can offer convenience and save time, shoppers should be cautious online and protect personal information against identity theft. Identity thieves steal personal information, such as a credit card, and run up bills in the victim’s name. The Cybersecurity and Infrastructure Security Agency (CISA) encourages consumers…

November 30, 2018
Read More >>

3ve – Fraudulent Online Advertising

Original release date: November 27, 2018 The Department of Homeland Security and the Federal Bureau of Investigation have released a joint Technical Alert (TA) on a major online ad fraud operation—referred to by the U.S. Government as “3ve.” NCCIC encourages users and administrators to review Alert TA18-331A: 3ve – Major Online Ad Fraud Operation for more information. This product is provided subject to this Notification and this Privacy & Use…

November 27, 2018
Read More >>

Cybersecurity and Infrastructure Security Agency

Original release date: November 19, 2018 On November 16, 2018, the President signed into law the Cybersecurity and Infrastructure Security Agency Act of 2018. This Act elevates the mission of the former Department of Homeland Security (DHS) National Protection and Programs Directorate (NPPD) and establishes the Cybersecurity and Infrastructure Security Agency (CISA). CISA is responsible for protecting the Nation’s critical infrastructure from physical and cyber threats, a mission that requires…

November 20, 2018
Read More >>

NCCIC Releases Analysis Report on JexBoss

Original release date: November 08, 2018 NCCIC has released Analysis Report (AR) AR18-312A: JexBoss – JBoss Verify and EXploitation Tool. Cyber threat actors use JexBoss to remotely access victims’ systems. The report provides information on JexBoss’ capabilities, as well as suggestions for detection and mitigation. NCCIC encourages users and administrators to review AR18-312A for more information. This product is provided subject to this Notification and this Privacy & Use policy….

November 8, 2018
Read More >>

Self-Encrypting Solid-State Drive Vulnerabilities

Original release date: November 06, 2018 NCCIC is aware of reports of vulnerabilities in the hardware encryption of certain self-encrypting solid-state drives. An attacker could exploit these vulnerabilities to obtain access to sensitive information. NCCIC encourages users and administrators to review Microsoft’s Security Advisory ADV180028 and Samsung’s Customer Notice regarding Samsung SSDs for more information and refer to vendors for appropriate patches and recommendations, when available. This product is provided…

November 7, 2018
Read More >>