TA16-336A: Avalanche (crimeware-as-a-service infrastructure)

Original release date: December 01, 2016
Systems Affected: Microsoft Windows
Overview: “Avalanche” refers to a large global network hosting infrastructure used by cyber criminals to conduct phishing and malware distribution campaigns and money mule schemes. The United States Department of Homeland Security (DHS), in collaboration with the Federal Bureau of Investigation (FBI), is releasing this Technical Alert to provide fu......

TA16-288A: Heightened DDoS Threat Posed by Mirai and Other Botnets

Original release date: October 14, 2016
Systems Affected: Internet of Things (IoT)—an emerging network of devices (e.g., printers, routers, video cameras, smart TVs) that connect to one another via the Internet, often automatically sending and receiving data
Overview: Recently, IoT devices have been used to create large-scale botnets—networks of devices infected with self-propagating malware—that can execute crippling......

TA16-250A: The Increasing Threat to Network Infrastructure Devices and Recommended Mitigations

Original release date: September 06, 2016 | Last revised: September 20, 2016
Systems Affected: Network Infrastructure Devices
Overview: The advancing capabilities of organized hacker groups and cyber adversaries create an increasing global threat to information systems. The rising threat levels place more demands on security personnel and network administrators to protect information systems. Protecting the network infrastructure......

TA16-250A: The Increasing Threat to Network Infrastructure Devices and Recommended Mitigations

Original release date: September 06, 2016 | Last revised: September 13, 2016
Systems Affected: Network Infrastructure Devices
Overview: The advancing capabilities of organized hacker groups and cyber adversaries create an increasing global threat to information systems. The rising threat levels place more demands on security personnel and network administrators to protect information systems. Protecting the network infrastructure......

TA16-187A: Symantec and Norton Security Products Contain Critical Vulnerabilities

Original release date: July 05, 2016
Systems Affected: All Symantec and Norton branded antivirus products
Overview: Symantec and Norton branded antivirus products contain multiple vulnerabilities. Some of these products are in widespread use throughout government and industry. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected system.
Description: The vulnerabilities are listed below......

TA16-187A: Symantec and Norton Security Products Contain Critical Vulnerabilities

Original release date: July 05, 2016
Systems Affected: All Symantec and Norton branded antivirus products
Overview: Symantec and Norton branded antivirus products contain multiple vulnerabilities. Some of these products are in widespread use throughout government and industry. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected system.
Description: The vulnerabilities are listed be......

TA16-144A: WPAD Name Collision Vulnerability

Original release date: May 23, 2016 | Last revised: June 01, 2016
Systems Affected: Windows, OS X, Linux systems, and web browsers with WPAD enabled; Networks using unregistered or unreserved TLDs
Overview: Web Proxy Auto-Discovery (WPAD) Domain Name System (DNS) queries that are intended for resolution on private or enterprise DNS servers have been observed reaching public DNS servers [1]. In combination with the new generic top level domain......

TA16-144A: WPAD Name Collision Vulnerability

Original release date: May 23, 2016
Systems Affected: Windows, OS X, Linux systems, and web browsers with WPAD enabled
Overview: Web Proxy Auto-Discovery (WPAD) Domain Name System (DNS) queries that are intended for resolution on private or enterprise DNS servers have been observed reaching public DNS servers [1]. In combination with the New generic Top Level Domain (gTLD) program’s incorporation of previously undelegated gTLDs for ......

TA16-132A: Exploitation of SAP Business Applications

Original release date: May 11, 2016
Systems Affected: Outdated or misconfigured SAP systems
Overview: At least 36 organizations worldwide are affected by an SAP vulnerability [1]. Security researchers from Onapsis discovered indicators of exploitation against these organizations’ SAP business applications. The observed indicators relate to the abuse of the Invoker Servlet, a built-in functionality in SAP NetWeaver Application Serv......