- ICS–CERT: RCE in widespread IoT Treck TCP/IP stack https://www.us-cert.gov/ics/advisories/icsa-20-168-01 2 comments netsec
- CISA Alert AA20-006A - Potential Iranian Cyber Response to U.S. Military Strike in Baghdad https://www.us-cert.gov/ncas/alerts/aa20-006a 26 comments sysadmin
- MAR-10135536-8 – North Korean Trojan: HOPLIGHT https://www.us-cert.gov/ncas/analysis-reports/ar19-100a 3 comments netsec
- CISA Emergency Directive on DNS Infrastructure Tampering https://www.us-cert.gov/ncas/current-activity/2019/01/22/cisa-emergency-directive-dns-infrastructure-tampering 5 comments netsec
- Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices https://www.us-cert.gov/ncas/alerts/ta18-106a 7 comments netsec
- Got the US-Cert alert just as the generators kicked on. The Russians are coming! https://www.us-cert.gov/ncas/alerts/TA18-074A 97 comments sysadmin
- Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors https://www.us-cert.gov/ncas/alerts/ta18-074a 5 comments politics
- HIDDEN COBRA – North Korean Remote Administration Tool: FALLCHILL https://www.us-cert.gov/ncas/alerts/ta17-318a 31 comments netsec
- Alert (TA17-293A) Advanced Persistent Threat Activity Targeting Energy and Other Critical Infrastructure Sectors https://www.us-cert.gov/ncas/alerts/ta17-293a 7 comments politics
- HIDDEN COBRA – North Korea’s DDoS Botnet Infrastructure https://www.us-cert.gov/ncas/alerts/ta17-164a 43 comments netsec
- Write-up of ongoing campaign targeting ISPs released by US-CERT https://www.us-cert.gov/ncas/alerts/ta17-117a 13 comments netsec
- US CERT: HTTPS Interception Weakens TLS Security https://www.us-cert.gov/ncas/alerts/ta17-075a 20 comments crypto
- DHS/FBI: Enhanced Analysis of GRIZZLY STEPPE Activity https://www.us-cert.gov/sites/default/files/publications/ar-17-20045_enhanced_analysis_of_grizzly_steppe_activity.pdf 18 comments politics
- A simple phising website hacked Pedesta. https://www.us-cert.gov/sites/default/files/publications/jar_16-20296a_grizzly%20steppe-2016-1229.pdf 110 comments politics
- Grizzly Steppe – Russian Malicious Cyber Activity https://www.us-cert.gov/security-publications/grizzly-steppe-russian-malicious-cyber-activity 49 comments politics
- GRIZZLY STEPPE – Russian Malicious Cyber Activity https://www.us-cert.gov/sites/default/files/publications/jar_16-20296.pdf 4 comments technology
- US releases info on Russian cyber Attack - GRIZZLY STEPPE - Russian Malicious Cyber Activity https://www.us-cert.gov/ncas/current-activity/2016/12/29/grizzly-steppe-russian-malicious-cyber-activity 18 comments worldnews
- GRIZZLY STEPPE – Russian Malicious Cyber Activity https://www.us-cert.gov/security-publications/GRIZZLY-STEPPE-Russian-Malicious-Cyber-Activity 23 comments sysadmin
- US gov't outlines Russian hacking effort, Grizzly Steppe https://www.us-cert.gov/sites/default/files/publications/JAR_16-20296.pdf 17 comments technews
- FBI and DHS Joint Analysis Report – Russian Malicious Cyber Activity https://www.us-cert.gov/sites/default/files/publications/jar_16-20296.pdf 202 comments politics
- [US-Cert.gov] Mozilla releases security update for Firefox 0-day https://www.us-cert.gov/ncas/current-activity/2016/11/28/Mozilla-Releases-Security-Update 5 comments debian
- Question:.. What level of urgency should we (or "are you?") assigning to the WPAD vulnerability ? https://www.us-cert.gov/ncas/alerts/TA16-144A 3 comments sysadmin
- Apple Ends Support for QuickTime for Windows; New Vulnerabilities Announced https://www.us-cert.gov/ncas/alerts/ta16-105a 11 comments technology
- Apple, and apparently everyone else says to uninstall QuickTime for Windows... https://www.us-cert.gov/ncas/alerts/ta16-105a 12 comments apple
- If you are still running EMET 5.2, time to update to 5.5. https://www.us-cert.gov/ncas/current-activity/2016/02/23/Microsoft-Releases-Update-EMET 6 comments sysadmin
- What security-related bulletins do you read? https://www.us-cert.gov/ 11 comments sysadmin
- Over 2 dozen medium and high-security Apple vulnerabilities published by US governement https://www.us-cert.gov/ncas/bulletins/sb15-285 8 comments apple
- Remote Code Execution in Current Version of Flash https://www.us-cert.gov/ncas/current-activity/2015/07/07/Adobe-Flash-ActionScript-3-ByteArray-Use-After-Free-Vulnerability 7 comments sysadmin
- US Computer Emergency Readiness Team posted an Alert: Lenovo “Superfish” Adware Vulnerable to HTTPS Spoofing https://www.us-cert.gov/ncas/alerts/ta15-051a 4 comments technology
- Targeted Destructive Malware - In depth analysis of the malware that took Sony down https://www.us-cert.gov/ncas/alerts/ta14-353a 38 comments netsec
- Vulnerability Summary Week of October 13, 2014 https://www.us-cert.gov/ncas/bulletins/SB14-293 4 comments sysadmin
- Stop using IE... so says GOV'T http://www.us-cert.gov/ncas/current-activity/2014/04/28/microsoft-internet-explorer-use-after-free-vulnerability-being 4 comments worldnews
- UDP-based Amplification Attacks https://www.us-cert.gov/ncas/alerts/TA14-017A 6 comments sysadmin
- US CERT emits CryptoLocker warning. Better late than never? https://www.us-cert.gov/ncas/alerts/TA13-309A 9 comments sysadmin
- DNS Amplification Attacks: ways to fix your DNS setup to avoid these http://www.us-cert.gov/ncas/alerts/TA13-088A 8 comments sysadmin
- WordPress Sites Targeted by Mass Brute-force Botnet Attack http://www.us-cert.gov/ncas/current-activity/2013/04/15/wordpress-sites-targeted-mass-brute-force-botnet-attack 10 comments netsec
- Following The Massive Spamhaus DDoS, It's Worth Reviewing Your DNS Recursion Configuration https://www.us-cert.gov/sites/default/files/publications/DNS-recursion033006.pdf 16 comments sysadmin
- Friendly tip on dealing with suspicious emails.... http://www.us-cert.gov/nav/report_phishing.html 4 comments sysadmin
- Mozilla Firefox 3.5 Vulnerability http://www.us-cert.gov/current/index.html#mozilla_firefox_3_5_vulnerability 30 comments netsec
- If you haven't ditched Adobe Acrobat/Reader by now, maybe this will persuade you. I use Foxit instead. http://www.us-cert.gov/cas/techalerts/TA09-051A.html 3 comments software
Linking pages
- Serious flaw in WPA2 protocol lets attackers intercept passwords and much more | Ars Technica https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/ 1881 comments
- The only safe email is text-only email https://theconversation.com/the-only-safe-email-is-text-only-email-81434 126 comments
- 1% of CMS-Powered Sites Expose Their Database Passwords » Feross.org http://feross.org/cmsploit/?hn=1 90 comments
- 1% of CMS-Powered Sites Expose Their Database Passwords » Feross.org http://www.feross.org/cmsploit/ 21 comments
- Top 6 Application Security Must Dos with Limited Resources https://blog.hackedu.io/top-6-application-security-must-dos-with-limited-resources/ 10 comments
- Pentagon: Let Us Secure Your Network or Face the 'Wild Wild West' Internet Alone | WIRED http://www.wired.com/threatlevel/2010/05/einstein-on-private-networks 7 comments
- Trump’s New Cybersecurity Agency Is Suffering a Major Setback Thanks to the Government Shutdown – Mother Jones https://www.motherjones.com/politics/2019/01/cybersecurity-government-shutdown-donald-trump-cisa-hackers-dhs/ 4 comments
- security - WARNING: Sick scammers cashing in on Japan ... | DaniWeb http://www.daniweb.com/community-center/geeks-lounge/news/353589 3 comments
- DDoS and you https://codewords.recurse.com/issues/three/ddos-and-you 3 comments
- “We need to up our game”—DHS cybersecurity director on Iran and ransomware | Ars Technica https://arstechnica.com/tech-policy/2019/06/we-need-to-up-our-game-dhs-cybersecurity-director-on-iran-and-ransomware/ 3 comments
- U.S. Government issues alerts about malware and IP addresses linked to North Korean cyber attacks | TechCrunch https://techcrunch.com/2017/11/14/u-s-government-issues-alerts-about-malware-and-ip-addresses-linked-to-north-korean-cyber-attacks/ 3 comments
- Chertoff: I'm Listening to the Internet (Not in a Bad Way) | WIRED http://blog.wired.com/27bstroke6/2008/08/chertoff.html 2 comments
- Why the “biggest government hack ever” got past the feds | Ars Technica http://arstechnica.com/security/2015/06/why-the-biggest-government-hack-ever-got-past-opm-dhs-and-nsa/ 0 comments
- OpenVAS: Checking for Holes Before the Hackers Do It for You | by Linode | Linode Cube | Medium https://medium.com/linode-cube/openvas-checking-for-holes-before-the-hackers-do-it-for-you-9ea5a4c01786#.i2y10rr2e 0 comments
- Senate Panel: 80 Percent of Cyber Attacks Preventable | WIRED http://www.wired.com/threatlevel/2009/11/cyber-attacks-preventable 0 comments
- Computer security: Is this the start of cyberwarfare? | Nature http://www.nature.com/news/2011/110608/full/474142a.html 0 comments
- Computer security: Is this the start of cyberwarfare? | Nature http://www.nature.com/news/2011/110608/full/474142a.html?s=news_rss 0 comments
- Three Resolutions For Web Developers | rud.is https://rud.is/b/2011/12/30/three-resolutions-for-web-developers/ 0 comments
- How was the Justice Department Web site attacked? - The Washington Post http://www.washingtonpost.com/blogs/federal-eye/post/how-was-the-justice-department-web-site-attacked/2012/01/19/gIQA6EGHDQ_blog.html 0 comments
- 10 At-Risk Emerging Technologies https://insights.sei.cmu.edu/sei_blog/2016/05/10-at-risk-emerging-technologies.html 0 comments