08/28/2017 02:40 PM EDT Original release date: August 28, 2017
US-CERT warns users to remain vigilant for malicious cyber activity seeking to capitalize on interest in Hurricane Harvey. Users are advised to exercise caution in handling any email with subject line, attachments, or hyperlinks related to Hurricane Harvey, even if it appears to originate from a trusted source. Fraudulent emails will often contain links or attachments that direct users to phishing or malware-infected websites. Emails requesting donations from duplicitous charitable organizations commonly appear after major natural disasters.
US-CERT encourages users and administrators to use caution when encountering these types of email messages and take the following preventative measures to protect themselves from phishing scams and malware campaigns:
- Do not follow unsolicited web links in email messages.
- Use caution when opening email attachments. Refer to the US-CERT Tip Using Caution with Email Attachments for more information on safely handling email attachments.
- Keep antivirus and other computer software up-to-date.
- Refer to the Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
- Review the Federal Trade Commission information on Charity Scams.
- Verify the legitimacy of any email solicitation by contacting the organization directly through a trusted contact number. You can find trusted contact information for many charities on the BBB National Charity Report Index.
Potentially fatal flaw could take a generation of cars to eliminate – but is this a ‘tempest in a thimble’?
Your college can – and will – hand over your personal details to anyone who asks, warns a researcher who is calling for better protection for students
08/21/2017 11:38 AM EDT Original release date: August 21, 2017
On October 11, 2017, the Internet Corporation for Assigned Names and Numbers (ICANN) will be changing the Root Zone Key Signing Key (KSK) used in the domain name system (DNS) Security Extensions (DNSSEC) protocol.
DNSSEC is a set of DNS protocol extensions used to digitally sign DNS information, which is an important part of preventing domain name hijacking. Updating the DNSSEC KSK is a crucial security step, similar to updating a PKI Root Certificate. Maintaining an up-to-date Root KSK as a trust anchor is essential to ensuring DNSSEC-validating DNS resolvers continue to function after the rollover. While DNSSEC validation is mandatory for federal agencies, it is not required of the private sector. Systems of organizations that do not use DNSSEC validation will be unaffected by the rollover.
06/13/2017 11:45 AM EDT Original release date: June 13, 2017 | Last revised: August 23, 2017
This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This alert provides technical details on the tools and infrastructure used by cyber actors of the North Korean government to target the media, aerospace, financial, and critical infrastructure sectors in the United States and globally. Working with U.S. Government partners, DHS and FBI identified Internet Protocol (IP) addresses associated with a malware variant, known as DeltaCharlie, used to manage North Korea’s distributed denial-of-service (DDoS) botnet infrastructure. This alert contains indicators of compromise (IOCs), malware descriptions, network signatures, and host-based rules to help network defenders detect activity conducted by the North Korean government. The U.S. Government refers to the malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information related to HIDDEN COBRA activity, go to https://www.us-cert.gov/hiddencobra.