GFIRST National Security Conference
Announcing the 5th Annual GFIRST National Conference
at the Omni Hotel at CNN Center in Atlanta, Georgia – August 23-28, 2009
GFIRST5: The Five Pillars of Cyber Security: Threat, Vulnerability, Attack & Detection, Mitigation and Reflection. These foundations support the cyber security and incident response community by identifying the core components of incident management. [...]
7 Practices for Computer Security
1. Protect your personal information. It’s valuable.
2. Know who you’re dealing with.
3. Use security software that updates automatically.
4. Keep your operating system and Web browser up-to-date, and learn about their security features.
5. Protect your passwords.
6. Back up important files.
7. Learn what to do in an e-mergency.
Access to information and entertainment, credit and financial services, products [...]
Alert: Apple iTunes
Apple Releases iTunes 8.2 and QuickTime 7.6.2
Apple has released iTunes 8.2 and QuickTime 7.6.2 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.
US-CERT encourages users to review Apple articles HT3592 and HT3591 and apply any necessary updates to help mitigate the risks.
Available for: Mac [...]
BlackBerry Security Advisory
Research In Motion has released security advisory KB18327 to address multiple vulnerabilities in the PDF distiller of the BlackBerry Attachment Service. By convincing a user to open a specially crafted PDF file on a BlackBerry smartphone, an attacker may be able to execute arbitrary code on the computer hosting the BlackBerry Attachment Service.
US-CERT encourages [...]
Obama Creating A “Cyber Czar”
Washington, DC — President Barack Obama considers computer security a top priority. Immediately after taking office, the President ordered the National Security and Homeland Security Advisors to conduct an immediate Cyber Security Review. The creation of the positioin “Cyber Czar” is a direct result of the security review.
——————————————
President Obama Directs the [...]
Mac OS X and Java Alert
Mac OS X Includes Known Vulnerable Version of Java
Current releases of Mac OS X (version 10.5.7 and version 10.4.11 with security update 2009-002) include a version of Java Runtime Environment (JRE) containing known security vulnerabilities. US-CERT is aware of publicly available exploit code for one of these vulnerabilities. This vulnerability may allow untrusted applets to [...]
Home Computer Security
by CERT
Property has its duties as well as its rights.
— Thomas Drummond (1797-1840)
Introduction
Your home computer is a popular target for intruders. Why? Because intruders want what you’ve stored there. They look for credit card numbers, bank account information, and anything else they can [...]
Waledac Trojan Horse Spam Campaign Circulating
US-CERT is aware of public reports of malicious code circulating via spam email messages related to bogus terror attacks in the recipient’s local area. These messages use subject lines implying that a fatal bomb attack has occurred near the recipient and contain a link to “breaking news.” Users who click on the link will be [...]
Read More About - Waledac Trojan Horse Spam Campaign Circulating »
Protecting Portable Devices: Data Security
National Cyber Alert System
Cyber Security Tip ST04-020
Why do you need another layer of protection?
Although there are ways to physically protect your laptop, PDA, or other portable device (see Protecting Portable Devices: Physical Security for more information), there is no guarantee that it won’t be stolen. After all, as the name suggests, portable devices are designed [...]
Read More About - Protecting Portable Devices: Data Security »
Oracle National Cyber Alert System
Oracle Updates for Multiple Vulnerabilities
Original release date: January 15, 2009
Source: US-CERT
Overview
Oracle products and components are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.
I. Description
The Oracle Critical Patch Update – January 2009 addresses 41 vulnerabilities in different Oracle products and components. The document [...]
