JusticeDept.com

US-CERT is aware of public reports concerning a new variant of the Conficker/Downadup worm, named Conficker B++. This variant propagates itself via multiple methods, including exploitation of the previously patched vulnerability addressed in MS08-067, password guessing, and the infection of removable media. Most significantly, Conficker B++ implements a new backdoor with “auto-update” functionality, allowing machines [...]

National Cyber Alert System Technical Cyber Security Alert TA09-051A Systems Affected * Adobe Reader version 9 and earlier * Adobe Acrobat (Professional, 3D, and Standard) version 9 and earlier Overview Adobe has released Security Bulletin APSB09-01, which describes a vulnerability that affects Adobe Reader and Acrobat. This vulnerability could allow a remote attacker to execute [...]

US-CERT is aware of a public report indicating active exploitation of a previously patched vulnerability in Microsoft Internet Explorer 7. This vulnerability was addressed in Microsoft Security Advisory MS09-002. Additional information is available in US-CERT Technical Cyber Security Alert TA09-041A. US-CERT encourages users to apply the update or workarounds as specified in Microsoft Security Advisory [...]

Systems Affected: * Microsoft Internet Explorer * Microsoft Office Visio * Microsoft Exchange and SQL Server Overview Microsoft has released updates that address vulnerabilities in Microsoft Windows and Windows Server. I. Description As part of the Microsoft Security Bulletin Summary for February 2009, Microsoft released updates to address vulnerabilities that affect Microsoft Windows, Internet Explorer, [...]

Research In Motion has released a Security Advisory to address a vulnerability in the BlackBerry Application Web Loader ActiveX control. By convincing a user to view a specially crafted HTML document, an attacker may be able to execute arbitrary code with the privileges of the user. The attacker could also cause Internet Explorer to crash. [...]

US-CERT is aware of public reports indicating that phishing scams are circulating via fraudulent U.S. Internal Revenue Service emails offering users stimulus package payments. These emails include text that attempts to convince users to follow a link to a website or to complete an attached document. The website and document request the user to provide [...]

Google has released a new application called Latitude. The service allows a user to share their physical location with friends and family. Using cell phones towers and WIFI connections, Google creates a map that shows your location and movements. Though they claim your privacy is protected, many people are concerned. Here is how Google describes [...]

US-CERT is aware of public reports of malicious code circulating via spam email messages related to Valentine’s Day. These messages contain a link to a website that contains several images of hearts and instructs users to choose one image. If users click on one of the images, they will be prompted to download an executable [...]

by United States Emergency Readiness Team I. Motivating Factors The CERT/CC has composed this Tech Tip to address a growing risk to Internet users without dedicated IT support. In recent months, we have observed a trend toward exploitation of new or otherwise unprotected computers in increasingly shorter periods of time. This problem is exacerbated by [...]

The new White House team found out there email systems were down for most of the day on Monday. Press Secretary Robert Gibbs mad the announcement of the technical difficulties at his 1:30 p.m. briefing. He apologized for the e-mail silence and blamed it on a Mircrosoft Outlook server. Both incoming and outgoing email were [...]