Forbidden Web


Mar 26, 2010	Copyright Infringement Lawsuit Email Scam US-CERT is aware of public reports of an active email scam. These emails, which appear to come from seemingly legitimate law firms, indicate that someone has filed a copyright lawsuit against the message recipient. The messages may contain malicious attachments or web links. If a user opens the attachment or follows the link, malicious code may be installed on the user's system. US-CERT encourages users to take the following preventative measures to help mitigate the security risks: Do not follow unsolicited web links and do not open unsolicited email messages. Maintain up-to-date antivirus software. Use caution when visiting untrusted websites. Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams. Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.
Mar 26, 2010	US Tax Season Phishing Scams and Malware Campaigns In the past, US-CERT has received reports of an increased number of phishing scams and malware campaigns that take advantage of the United States tax season. Due to the upcoming tax deadline, US-CERT reminds users to remain cautious when receiving unsolicited email that could be part of a potential phishing scam or malware campaign. These phishing scams and malware campaigns may include the following: information that refers to a tax refund, warnings about unreported or under-reported income, offers to assist in filing for a refund, or details about fake e-file websites. These messages, which appear to be from the IRS, may ask users to submit personal information via email or may instruct the user to follow a link to a website that requests personal information or contains malicious code. At this time, US-CERT is aware of public reports indicating that there is active circulation of a tax season malware campaign. This malware campaign may be using malicious code commonly known as Zeus or Zbot. US-CERT encourages users and administrators to take the following measures to protect themselves from these types of phishing scams and malware campaigns: Do not follow unsolicited web links in email messages. Maintain up-to-date antivirus software. Refer to the IRS website related to phishing, email, and bogus website scams for scam samples and reporting information. Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams. Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.
Mar 25, 2010	Cisco Releases Security Advisories for IOS Software Cisco has released a bundled publication, which contains seven security advisories, to address multiple vulnerabilities in Cisco IOS Software. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to review the security advisories listed in the Cisco IOS Software Security Advisory bundled publication (cisco-sa-20100324-bundle) and apply any necessary updates to help mitigate the risks.
Mar 23, 2010	Mozilla Releases Firefox 3.6.2 The Mozilla Foundation has released Firefox 3.6.2 to address multiple security issues, including a critical vulnerability that may allow a remote attacker to execute arbitrary code. US-CERT encourages users and administrators to do the following to help mitigate the risks: Review the Firefox 3.6.2 release notes. Review Mozilla Foundation Security Advisory 2010-08. Upgrade to Firefox 3.6.2 Additional information regarding this vulnerability, including a workaround for users who cannot upgrade, can be found in the Vulnerability Notes Database.
Mar 19, 2010	CA Releases Updates for ARCserve Backup CA has released updates to address vulnerabilities in the version of Java JRE bundled with ARCserve Backup. These vulnerabilities in Java JRE may allow an attacker to execute arbitrary code, bypass security restrictions, cause a denial-of-service condition, or obtain sensitive information. US-CERT encourages users and administrators to review the CA security notice CA20100318-01 and apply any necessary updates to help mitigate the risks.

Mar 17, 2010	Zeus Trojan Campaign Warning US-CERT is aware of public reports of malicious code circulating via spam email messages impersonating the Department of Homeland Security (DHS). The attacks arrive via unsolicited email messages that may contain subject lines related to DHS or other government activity. These messages may contain a link or attachment. If users click on this link or open the attachment, they may be infected with malicious code, including the Zeus Trojan. US-CERT encourages users and administrators to take the following measures to protect themselves: Do not follow unsolicited web links or attachments in email messages. Maintain up-to-date antivirus software. Refer to Cyber Security Tip ST04-014 - Avoiding Social Engineering and Phishing Attacks Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
Mar 12, 2010	Apple Releases Safari 4.0.5 Apple has released Safari 4.0.5 to address multiple vulnerabilities in ColorSync, ImageIO, PubSub, Safari, and WebKit. These vulnerabilities may allow a remote attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, or bypass security restrictions. US-CERT encourages users and administrators to review Apple article HT4070 and upgrade to Safari 4.0.5 to help mitigate the risks.
Mar 09, 2010	Microsoft Releases March Security Bulletin Microsoft has released an update to address vulnerabilities in Microsoft Windows and Office as part of the Microsoft Security Bulletin Summary for March 2010. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the bulletins and follow best-practice security policies to determine which updates should be applied.
Mar 08, 2010	Energizer DUO USB Battery Charger Software Allows Remote System Access US-CERT is aware of a backdoor in the software for the Energizer DUO USB battery charger. This backdoor may allow a remote attacker to list directories, send and receive files, and execute programs on an affected system. The software, which has been discontinued, was available for both Windows and Apple Mac OS X versions. Only the Windows version is affected by this vulnerability. US-CERT encourages users and administrators to review Vulnerability Note VU#154421 and apply the recommended solutions.
Mar 04, 2010	Cisco Releases Multiple Security Advisories Cisco has released three security advisories to address vulnerabilities. Security advisory cisco-sa-20100303-cucm, addresses multiple vulnerabilities in the Cisco Unified Communications Manager which affect the Session Initiation Protocol (SIP), Skinny Client Control Protocol (SCCP), and the Computer Telephony Integration (CTI) Manager services. Successful exploitation of these vulnerabilities could result in a denial-of-service condition and an interruption of voice services. Security advisory cisco-sa-20100303-dmm, addresses multiple vulnerabilities in the Cicso Digital Media Manager (DMM). Successful exploitation of these vulnerabilities could allow for information disclosure, unauthorized settings or system configuration changes, and disclosure of default credentials. There are no workarounds for mitigation, and US-CERT will alert users and administrators as updates are made available. Security advisory cisco-sa-20100303-dmp , addresses a vulnerability that exists in the Cisco Digital Media Player. Successful exploitation of this vulnerability may allow and attacker to inject video or data content into a remote display. US-CERT encourages users and administrators to review security advisory cisco-sa-20100303-cucm and cisco-sa-20100303-dmp and apply any necessary updates or workarounds to mitigate the risks.