enfrdeitjaes

TA17-075A: HTTPS Interception Weakens TLS Security

Original release date: March 16, 2017Systems Affected All systems behind a hypertext transfer protocol secure (HTTPS) interception product are potentially affected. Overview Many organizations use HTTPS interception products for several purposes, including detecting malware that uses HTTPS connections to malicious servers. The CERT Coordination Center (CERT/CC) explored the tradeoffs of using HTTPS interception in a blog post called......
Continue reading
160 Hits

TA16-336A: Avalanche (crimeware-as-a-service infrastructure)

Original release date: December 01, 2016Systems Affected Microsoft Windows Overview “Avalanche” refers to a large global network hosting infrastructure used by cyber criminals to conduct phishing and malware distribution campaigns and money mule schemes. The United States Department of Homeland Security (DHS), in collaboration with the Federal Bureau of Investigation (FBI), is releasing this Technical Alert to provide fu......
Continue reading
297 Hits

TA16-288A: Heightened DDoS Threat Posed by Mirai and Other Botnets

Original release date: October 14, 2016Systems Affected Internet of Things (IoT)—an emerging network of devices (e.g., printers, routers, video cameras, smart TVs) that connect to one another via the Internet, often automatically sending and receiving data Overview Recently, IoT devices have been used to create large-scale botnets—networks of devices infected with self-propagating malware—that can execute crippling......
Continue reading
360 Hits

TA16-250A: The Increasing Threat to Network Infrastructure Devices and Recommended Mitigations

Original release date: September 06, 2016 | Last revised: September 20, 2016Systems Affected Network Infrastructure Devices  Overview The advancing capabilities of organized hacker groups and cyber adversaries create an increasing global threat to information systems. The rising threat levels place more demands on security personnel and network administrators to protect information systems. Protecting the network infrastructure......
Continue reading
332 Hits

TA16-250A: The Increasing Threat to Network Infrastructure Devices and Recommended Mitigations

Original release date: September 06, 2016 | Last revised: September 13, 2016Systems Affected Network Infrastructure Devices  Overview The advancing capabilities of organized hacker groups and cyber adversaries create an increasing global threat to information systems. The rising threat levels place more demands on security personnel and network administrators to protect information systems. Protecting the network infrastructure......
Continue reading
306 Hits

TA16-187A: Symantec and Norton Security Products Contain Critical Vulnerabilities

Original release date: July 05, 2016Systems Affected All Symantec and Norton branded antivirus products Overview Symantec and Norton branded antivirus products contain multiple vulnerabilities. Some of these products are in widespread use throughout government and industry. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected system. Description The vulnerabilities are listed below......
Continue reading
290 Hits

TA16-187A: Symantec and Norton Security Products Contain Critical Vulnerabilities

Original release date: July 05, 2016 Systems Affected All Symantec and Norton branded antivirus products Overview Symantec and Norton branded antivirus products contain multiple vulnerabilities. Some of these products are in widespread use throughout government and industry. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected system. Description The vulnerabilities are listed be......
Continue reading
301 Hits

TA16-144A: WPAD Name Collision Vulnerability

Original release date: May 23, 2016 | Last revised: June 01, 2016Systems Affected Windows, OS X, Linux systems, and web browsers with WPAD enabledNetworks using unregistered or unreserved TLDsOverview Web Proxy Auto-Discovery (WPAD) Domain Name System (DNS) queries that are intended for resolution on private or enterprise DNS servers have been observed reaching public DNS servers [1]. In combination with the new generic top level domain......
Continue reading
330 Hits

TA16-144A: WPAD Name Collision Vulnerability

Original release date: May 23, 2016 Systems Affected Windows, OS X, Linux systems, and web browsers with WPAD enabled Overview Web Proxy Auto-Discovery (WPAD) Domain Name System (DNS) queries that are intended for resolution on private or enterprise DNS servers have been observed reaching public DNS servers [1]. In combination with the New generic Top Level Domain (gTLD) program’s incorporation of previously undelegated gTLDs for ......
Continue reading
397 Hits