u.s. computer emergency readiness team

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Linux under attack: Compromised SSH keys lead to rootkit

The U.S. Computer Emergency Readiness Team CERT has issued a warning for what it calls "active attacks" against Linux-based computing infrastructures using compromised SSH keys. The attack appears to initially use stolen SSH keys to gain access to a system, and then uses local kernel exploits to...

Tags: Linux, SSH, Attack, U.S. Computer Emergency Readiness Team, Rootkits, Security, Spyware, Adware & Malware, Ryan Naraine

Blog posts 2008-08-26

CERT: AOL Radio has high-risk flaw

The U.S. Computer Emergency Readiness Team has warned about a code execution flaw in the AOL Radio software. I'm not sure how many folks use AOL Radio, but AOL still has a lot of eyeballs. If you're one of those AOL users check out the CERT warning....

Tags: America Online Inc., CERT, Radio, Flaw, AOL Radio, U.S. Computer Emergency Readiness Team, AOLMediaPlaybackControl Application, Advertising & Promotion, ActiveX/COM/COM+/DCOM, Security, Marketing, Software Development, Software/Web Development, Larry Dignan

Blog posts 2008-01-10

Additional Resources

US, S. Korean websites under attack; N. Korea blamed

So it's cyberwar. In a July 4 attack that is believed to come from North Korea or its sympathizers, the websites of a number of U.S. and South Korean government agencies were knocked out and experienced continuing problems since the holiday, the Associated Press is reporting today....

Tags: U.S., North Korea, Web Site, FTC, Attack, Transportation, Web Site Development, Web Technology, Security, Internet, Richard Koman

Blog posts 2009-07-08

US-CERT warning: Windows does not disable AutoRun properly

The U.S. Computer Emergency Readiness Team (US-CERT) has issued a technical cyber-security alert to warn that Microsoft's guidelines for disabling AutoRun in the Windows operating system "are not fully effective" and argues that this "could be considered a vulnerability." The U.S. CERT warning comes...

Tags: Microsoft Corp., NoDriveTypeAutorun, Registry Value, Microsoft Windows, Operating Systems, Software, Ryan Naraine

Blog posts 2009-01-21

Did Chinese copy unattended U.S. laptop?

Update: This article was corrected to indicate that the laptop in question was government owned and didn't belong to Commerce Sec. Carlos M. Gutierrez, who doesn't carry a laptop. News flash for high-ranking government officials visiting China: You just don't leave your laptop or PDA unattended â€"...

Tags: Associated Press, Beijing, Laptop Computer, PDAs, Government, Notebooks, Handhelds, Hardware, Notebooks & Tablets, Richard Koman

Blog posts 2008-05-30

Federal budget recommends US-CERT get $242 million

The White House unveiled its fiscal 2009 budget proposal and the $3.1 trillion monstrosity throws the U.S. Computer Emergency Readiness Team $242 million to boost its malware and intrusion detection capabilities. According to the proposed budget released on Monday, "a more robust US-CERT will increase the cyber security posture...

Tags: U.S. Department Of Homeland Security, US-CERT, Data Centers, Intrusion Detection, Social Security, Network Security, Storage, Security, Hardware, Data Management, Government, Networking, Larry Dignan

Blog posts 2008-02-05

Latest QuickTime bug leaves XP, Vista vulnerable

Security researchers say that a new QuickTime flaw has gone public and leaves XP and Vista vulnerable to attack. According to Secunia, the latest QuickTime bug "can be exploited by malicious people to compromise a user's system." A working exploit is public and the vulnerability has been...

Tags: Apple QuickTime, Microsoft Windows XP, Vulnerability, Microsoft Windows Vista, Secunia, Ryan, Digital Music, Digital Media, Security, Personal Technology, Consumer Electronics, Larry Dignan

Blog posts 2007-11-26

ActiveX flaws haunt QuickBooks Online

The U.S. Computer Emergency Readiness Team (US-CERT) is warning about multiple code execution holes affecting users of Intuit QuickBooks Online Edition. The vulnerabilities, rated "highly critical" by Secunia, can be exploited by a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. ...

Tags: Intuit Inc., Intuit QuickBooks, ActiveX, Flaw, Exploitation, Ryan Naraine

Blog posts 2007-09-05

RSA 2007: DHS's Greg Garcia gets organized for cybersecurity battle

At a town hall meeting at the RSA 2007 Conference in San Francisco, Greg Garcia, the Department of Homeland Security assistant secretary for cybersecurity and telecommunications, described the environment in which his agency operates:"The next ten years there will be a single integrated IP network that serves all needs," Garcia...

Tags: General, Security, Government, Greg Garcia

Blog posts 2007-02-08

DHS' Garcia: Network security is everyone's business

On Between the Lines, Dan Farber reports back from the RSA 2007 Conference, where Greg Garcia, the Department of Homeland Security assistant secretary for cybersecurity and telecommunications, described the security problems inherent in a totally IP-connected world. "The next ten years there will be a single integrated IP network...

Tags: Government technology, Homeland security, Network security, Greg Garcia

Blog posts 2007-02-08

Why CERT should be decertified (2)

In looking at Cert's security vulnerabilities summary for 2005 last week I pointed out that they have a tendency to be remarkably over enthusiastic when counting Unix and related applications vulnerabilities. This looks like systematic anti-Unix, pro-Microsoft, bias at work in a U.S. government agency. Today I'd like to look...

Tags: Microsoft Corp., Microsoft Windows

Blog posts 2006-01-18

New York AG blasts Sony

New York AG blasts SonySales of Sony 'rootkit' CDs ContinueIn spite of a warning from the U.S. Department of Homeland Security Computer Emergency Readiness Team (www.us-cert.gov), some national retailers continue to sell music CDs containing the Sony 'rootkit' software. . According US-CERT, "This rootkit technique can...

Tags: Rootkits, Retail, rootkit, CD, retail company, Sony Corp., malware

Discussion threads 2005-11-29

IE still required on FEMA site

IE still required on FEMA siteIE required on FEMA siteFEMA has their lunch pails full right now, and I wouldn't think modifying an app so it will run for other browsers would have any priority at all. It's to bad other browser will not comply with Microsoft standards, for if...

Tags: Web browsers, Microsoft Internet Explorer, Federal Emergency Management Agency, Web browser

Discussion threads 2005-09-21

National cybersecurity test set for fall

National cybersecurity test set for fallSkynetIt's becoming a reality folks, the terminator runs California and now the govenrment will start testing Skynet. Lock down yor firewalls, it's gonna be a bumpy ride. Of course, does that mean that California would be spared?Planning vs DoingI keep hearing all this talk about...

Tags: Government, Channel management, SECURITY, Andy Purdy, Cyber Storm, Skynet, US-CERT, Web

Discussion threads 2005-07-22