Category Archives: US CERT Alerts
TA17-117A: Intrusions Affecting Multiple Victims Across Multiple Sectors

Source: US Cert Alerts TA17-117A: Intrusions Affecting Multiple Victims Across Multiple Sectors

TA16-288A: Heightened DDoS Threat Posed by Mirai and Other Botnets

Original release date: October 14, 2016 Systems Affected Internet of Things (IoT)—an emerging network of devices (e.g., printers, routers, video cameras, smart TVs) that connect to one another via the…

TA16-250A: The Increasing Threat to Network Infrastructure Devices and Recommended Mitigations

Original release date: September 06, 2016 Systems Affected Network Infrastructure Devices  Overview The advancing capabilities of organized hacker groups and cyber adversaries create an increasing global threat to information systems….

TA16-187A: Symantec and Norton Security Products Contain Critical Vulnerabilities

Original release date: July 05, 2016 Systems Affected All Symantec and Norton branded antivirus products Overview Symantec and Norton branded antivirus products contain multiple vulnerabilities. Some of these products are…

TA16-144A: WPAD Name Collision Vulnerability

Original release date: May 23, 2016 Systems Affected Windows, OS X, Linux systems, and web browsers with WPAD enabled Overview Web Proxy Auto-Discovery (WPAD) Domain Name System (DNS) queries that…

TA16-132A: Exploitation of SAP Business Applications

Original release date: May 11, 2016 Systems Affected Outdated or misconfigured SAP systems Overview At least 36 organizations worldwide are affected by an SAP vulnerability [1]. Security researchers from Onapsis…

TA16-105A: Apple Ends Support for QuickTime for Windows; New Vulnerabilities Announced

Original release date: April 14, 2016 Systems Affected Microsoft Windows with Apple QuickTime installed Overview According to Trend Micro, Apple will no longer be providing security updates for QuickTime for…

TA16-091A: Ransomware and Recent Variants

Original release date: March 31, 2016 Systems Affected Networked Systems Overview In early 2016, destructive ransomware variants such as Locky and Samas were observed infecting computers belonging to individuals and…

TA15-337A: Dorkbot

Original release date: December 03, 2015 Systems Affected Microsoft Windows Overview Dorkbot is a botnet used to steal online payment, participate in distributed denial-of-service (DDoS) attacks, and deliver other types…

TA15-314A: Web Shells – Threat Awareness and Guidance

Original release date: November 10, 2015 Systems Affected Web servers that allow web shells Overview This alert describes the frequent use of web shells as an exploitation vector. Web shells…

TA15-314A: Compromised Web Servers and Web Shells – Threat Awareness and Guidance

Original release date: November 10, 2015 | Last revised: November 13, 2015 Systems Affected Compromised web servers with malicious web shells installed Overview This alert describes the frequent use of…

TA15-286A: Dridex P2P Malware

Original release date: October 13, 2015 Systems Affected Microsoft Windows Overview   Dridex, a peer-to-peer (P2P) bank credential-stealing malware, uses a decentralized network infrastructure of compromised personal computers and web…

TA15-240A: Controlling Outbound DNS Access

Original release date: August 28, 2015 Systems Affected Networked systems Overview US-CERT has observed an increase in Domain Name System (DNS) traffic from client systems within internal networks to publically…

TA15-213A: Recent Email Phishing Campaigns – Mitigation and Response Recommendations

Original release date: August 01, 2015 Systems Affected Microsoft Windows Systems, Adobe Flash Player, and Linux Overview Between June and July 2015, the United States Computer Emergency Readiness Team (US-CERT)…

TA15-195A: Adobe Flash and Microsoft Windows Vulnerabilities

Original release date: July 14, 2015 | Last revised: July 15, 2015 Systems Affected Microsoft Windows systems with Adobe Flash Player installed. Overview Used in conjunction, recently disclosed vulnerabilities in…

Next Page