11/19/2018 09:18 PM EST Original release date: November 19, 2018
As the holidays approach, NCCIC reminds users to be aware of seasonal scams and malware campaigns. Users should be cautious of unsolicited emails that contain malicious links or attachments with malware, advertisements infected with malware, and requests for donations from fraudulent charitable organizations, which could result in security breaches, identify theft, or financial loss.
November 2018 Volume 13 Issue 11
From the desk of Thomas F. Duffy, MS-ISAC Chair
Making #CyberMonday #CyberSecure
It is that time of year where so many people prepare to purchase gifts for friends, family, and loved ones. Though it can be convenient to avoid the lines and rush for that latest Black Friday deal by shopping online, this also carries some risk. Cybercriminals are always working to steal your personal and payment information. The holiday shopping season is the perfect opportunity for this to happen. By following a few key practices, you can greatly lower your chances of becoming a victim of identity theft or fraud.
The FCC gave us all some respite from robo-callers by changing FCC regulations for telephone companies, but most are still permitting robo-callers to operate. Boo
Are you a JBoss User? NCCIC Releases Analysis Report on JexBoss
11/08/2018 03:43 PM EST Original release date: November 08, 2018
NCCIC has released Analysis Report (AR) AR18-312A: JexBoss – JBoss Verify and EXploitation Tool. Cyber threat actors use JexBoss to remotely access victims’ systems. The report provides information on JexBoss’ capabilities, as well as suggestions for detection and mitigation.
A team of nine academics has revealed today seven new CPU attacks. The seven impact AMD, ARM, and Intel CPUs to various degrees.
11/19/2018 05:19 PM EST Original release date: November 19, 2018
On November 16, 2018, the President signed into law the Cybersecurity and Infrastructure Security Agency Act of 2018. This Act elevates the mission of the former Department of Homeland Security (DHS) National Protection and Programs Directorate (NPPD) and establishes the Cybersecurity and Infrastructure Security Agency (CISA). CISA is responsible for protecting the Nation’s critical infrastructure from physical and cyber threats, a mission that requires effective coordination and collaboration among a broad spectrum of government and private sector organizations.
NCCIC encourages all parties to review the DHS announcement on CISA for more information.