U.S. Computer Emergency Readiness Team (US-CERT)

A man using a tablet casting a large shadow.

news

Zero-Day Deals? Shadow Brokers Looking for Windows Exploit Buyer

The cybergang known as the Shadow Brokers is allegedly peddling a new zero-day Windows exploit. Is the threat credible enough to warrant blocking SMB?

January 23, 2017 | By Douglas Bonderud

news

Cybercriminals commandeer vulnerable IoT devices to create botnets for launch large-scale DDoS attacks. When the Mirai source code leaked in September, enabling novice fraudsters to commit major attacks, IT researchers began taking the problem seriously.

article

The Internet of Trouble: Securing Vulnerable IoT Devices

In the past few months, researchers have observed large-scale DDoS attacks that leverage vulnerable IoT devices to create massive botnets.

November 4, 2016 | By Larry Loeb

article

Cisco's Product Security Incident Response Team (PSIRT) said it is not aware of any malicious use of the vulnerability and that no other Cisco product is known to be affected. The company said it will release fixed software versions for affected products.

news

Cisco Announces Critical Router Vulnerability

Cisco recently disclosed a critical vulnerability in its software. According to the advisory, no workaround is currently available to resolve the issue.

July 26, 2016 | By Larry Loeb

news

Corporate users shouldn't hesitate to uninstall QuickTime for Windows on all enterprise endpoints, and this process can be made much easier thanks to a recent fixlet introduced via the IBM BigFix platform. Here's an overview of that remediation technique.

article

It’s Time to Let Go of QuickTime for Windows

IBM BigFix has a fixlet available for corporate users looking to uninstall QuickTime for Windows, which was found to have serious vulnerabilities.

April 29, 2016 | By Patrick Vowles

article

Anyone using QuickTime for Windows will want to uninstall the software immediately to protect themselves from cyberattack. Researchers recently disclosed two vulnerabilities in the application, which is no longer receiving support from Apple.

news

Uninstall QuickTime for Windows Now

QuickTime for Windows will soon be unsupported, and security researchers have identified at least two zero-day vulnerabilities that will not be patched.

April 15, 2016 | By Larry Loeb

news

Malware-makers may soon have to face the threat of a formidable opponent: an entity comprised of government agencies, technology vendors and security experts from across the world. This could be a major step toward better cybersecurity.

news

Nerding Out: Collaboration Deal Downs Dorkbot

A collaborative effort from law enforcement, tech vendors and security agencies took down a Dorkbot botnet that was more than 1 million computers strong.

December 7, 2015 | By Douglas Bonderud

news

Although the Dridex Trojan remains a threat, especially to users in the U.K., even after government intervention, there is plenty of research that can help educate individuals so they know the best practices to avoid this malware.

news

Dridex Trojan Remains a Risk Even Following Takedown Operation and FBI Arrest

Security companies said the Dridex Trojan may still be attacking potential victims in the U.K. despite a recent arrest and attempts to shut it down.

October 19, 2015 | By Shane Schick

news

Collaborative efforts in the world of cybersecurity have led to the emergence of threat intelligence sharing standards and specifications. These regulations can vary widely, but there is some convergence and cohesion already, with more likely to come.

article

Navigating a Sea of Threat Intelligence Specifications

Standards and specifications make threat intelligence sharing a more manageable and organized act, although competing standards may still muddy the waters.

June 19, 2015 | By Doug Franklin

article