Multiple Petya Ransomware Infections Reported 27 Jun 2017, 9:56 amOriginal release date: June 27, 2017
US-CERT has received multiple reports of Petya ransomware infections in many countries around the world. Ransomware is a type of malicious software that infects a computer and restricts users' access to the infected machine until a ransom is paid to unlock it. Individuals and organizations are discouraged from paying the ransom, as this does not guarantee that access will be restored. Using unpatched and unsupported software may increase the risk of proliferation of cybersecurity threats, such as ransomware.
Petya ransomware encrypts the master boot records of infected Windows computers, making affected machines unusable. Open-source reports indicate that the ransomware exploits vulnerabilities in Server Message Block (SMB). US-CERT encourages users and administrators to review the US-CERT article on the Microsoft SMBv1 Vulnerability and the Microsoft Security Bulletin MS17-010. For general advice on how to best protect against ransomware, review US-CERT Alert TA16-091A. Please report any ransomware incidents to the Internet Crime Complaint Center (IC3).
NIST Releases New Digital Identity Guidelines 26 Jun 2017, 7:48 pmOriginal release date: June 26, 2017
The National Institute of Standards and Technology (NIST) has released the Digital Identity Guidelines document suite. The four-volume suite offers technical guidelines for organizations that use digital identity services.
IRS Warns of Summertime Scams 26 Jun 2017, 10:47 amOriginal release date: June 26, 2017
The Internal Revenue Service (IRS) has released an alert warning of various types of scams targeting taxpayers this summer. The alert describes common features of these cyber crimes, including robocalls, demands for immediate payment, and threats to have taxpayers arrested immediately.
FTC Releases Alert on Tech-Support Scams 23 Jun 2017, 1:09 pmOriginal release date: June 23, 2017
The Federal Trade Commission (FTC) has released an alert on technical-support scams. In these schemes, deceptive tech-support operations offer to fix problems that don't exist, placing calls or sending pop-ups to make people think their computers are infected with viruses. Users should not give control of their computers to any stranger offering to fix problems.
IC3 Issues Internet Crime Report for 2016 21 Jun 2017, 3:40 pmOriginal release date: June 21, 2017 | Last revised: June 23, 2017
The Internet Crime Complaint Center (IC3) has released its 2016 Internet Crime Report, describing the numbers and types of cyber crimes reported to IC3. Business Email Compromise (BEC), ransomware attacks, tech support fraud, and extortion are all common schemes affecting people in the U.S. and around the world.
US-CERT encourages users to review the 2016 Internet Crime Report and the FBI News Story for details and refer to the US-CERT Security Publication on Ransomware for information on defending against this particular threat.
Drupal Releases Security Updates 21 Jun 2017, 2:30 pmOriginal release date: June 21, 2017
Drupal has released an advisory to address several vulnerabilities in Drupal versions 7.x and 8.x. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.
Cisco Releases Security Updates 21 Jun 2017, 12:45 pmOriginal release date: June 21, 2017
Cisco has released updates to address several vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of a system.
US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:
- Prime Infrastructure and Evolved Programmable Network Manager XML Injection Vulnerability cisco-sa-20170621-piepnm1
- Virtualized Packet Core – Distributed Instance Denial-of-Service Vulnerability cisco-sa-20170621-vpc
- WebEx Network Recording Player Multiple Buffer Overflow Vulnerabilities cisco-sa-20170621-wnrp
Mozilla Releases Security Update 15 Jun 2017, 6:29 pmOriginal release date: June 15, 2017
Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
US-CERT encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 52.2 and apply the necessary update.
Google Releases Security Updates for Chrome 15 Jun 2017, 6:27 pmOriginal release date: June 15, 2017
Google has released Chrome version 59.0.3071.104 for Windows, Mac, and Linux. This version addresses several vulnerabilities, including one that an attacker could exploit to cause a denial-of-service condition.
US-CERT encourages users and administrators to review the Chrome Releases page and apply the necessary updates.
ISC Releases Security Updates for BIND 14 Jun 2017, 10:26 pmOriginal release date: June 15, 2017 | Last revised: June 16, 2017
The Internet Systems Consortium (ISC) has released updates that address several vulnerabilities in BIND. An attacker could exploit one of these vulnerabilities to take control of an affected system.
Available updates include:
- BIND version 9.11.1-P1
- BIND version 9.10.5-P1
- BIND version 9.9.10-P1
ISC recommends disabling LMDB (liblmdb) until BIND 9.11.2 is released later this summer. US-CERT encourages users and administrators to review ISC Knowledge Base Articles AA-01495, AA-01496, AA-01497 and apply the necessary updates.