FBI has released an article on using credit reports to build a digital defense against identify theft. FBI explains how identity theft can deal a devastating blow to consumers' credit history. However, regularly checking the accuracy of credit reports can help consumers minimize risk.
NCCIC is aware of a sophisticated modular malware system known as VPNFilter. Devices known to be affected by VPNFilter include Linksys, MikroTik, NETGEAR, and TP-Link networking equipment, as well as QNAP network-attached storage (NAS) devices. Devices compromised by VPNFilter may be vulnerable to the collection of network traffic (including website credentials), as well as the monitoring of Modbus supervisory control and data acquisition (SCADA) protocols.
VPNFilter has a destructive capability that can make the affected device unusable. Because the malware can be triggered to affect devices individually or multiple devices at once, VPNFilter has the potential to cut off internet access for hundreds of thousands of users.
NCCIC encourages users and administrators to review the Cisco blog post on VPNFilter and NCCIC's Tip on Home Network Security for recommendations and to ensure that their devices are updated with the latest patches. NCCIC will provide updated information as it becomes available.
In the wake of the recent Texas school shooting, NCCIC advises users to watch out for possible malicious cyber activity seeking to capitalize on this tragic event. Users should exercise caution in handling emails related to the shooting, even if they appear to originate from trusted sources. Fraudulent emails often contain links or attachments that direct users to phishing or malware-infected websites. Emails requesting donations from duplicitous charitable organizations are also common after tragic events. Be wary of fraudulent social media pleas, calls, texts, donation websites, and door-to-door solicitations relating to the event.
To avoid becoming a victim of fraudulent activity, NCCIC encourages users and administrators to review NCCIC's Tips on Using Caution With Email Attachments and Avoiding Social Engineering and Phishing Attacks as well as the Federal Trade Commission's article on Before Giving to a Charity.
Mozilla has released a security update to address vulnerabilities in Thunderbird. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.
NCCIC encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 52.8 and apply the necessary update.
The Internet Systems Consortium (ISC) has released updates that address vulnerabilities in versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition.
Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
NCCIC encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:
FBI has released an article on building a digital defense against identify theft. FBI explains that the growing number of data breaches put more people at risk of becoming a victim of identity theft. However, implementing basic security practices can help users minimize their risk.
NCCIC encourages consumers to review the FBI Article and the following NCCIC Tips for more information:
Red Hat has released security updates to address a vulnerability in its Dynamic Host Configuration Protocol (DHCP) client packages for Red Hat Enterprise Linux 6 and 7. An attacker could exploit this vulnerability to take control of an affected system.
NCCIC encourages users and administrators to review the Red Hat Security Advisory 1567974VMSA and apply the necessary updates.
VMware has released a security update to address a vulnerability in NSX SD-WAN Edge by VeloCloud. A remote attacker could exploit this vulnerability to take control of an affected system.
NCCIC encourages users and administrators to review the VMware Security Advisory VMSA-2018-0011 and apply the necessary update.
The CERT Coordination Center (CERT/CC) has released information on email client vulnerabilities that can reveal plaintext versions of OpenPGP- and S/MIME-encrypted emails. A remote attacker could exploit these vulnerabilities to obtain sensitive information.
NCCIC encourages users and administrators to review CERT/CC’s Vulnerability Note VU #122919, apply the necessary mitigations, and refer to software vendors for appropriate patches, when available.