Home » Security Information

Security Information

This page is dedicated to security, it includes local security information, as well as a number of syndicated security feeds, alerts, tools and news from major security portals. This page aims to provide a single security information access point, helping you stay current with recent security threats. You can check the SG Security FAQ and visit the SG Security forum with any questions you might have.

SG Security Scan

SG Security Articles

Latest Threats - Symantec

Latest Security Advisories (US-CERT)

As summer begins, many people will travel with their mobile devices. Although these devicessuch as smart phones, tablets, and laptopsoffer a range of conveniences, users should be mindful of potential threats and vulnerabilities while traveling with them.

NCCIC encourages users to review the NCCIC Tips on Holiday Traveling with Personal Internet-Enabled Devices, Cybersecurity for Electronic Devices, and International Mobile Safety. The suggested security practices in these Tips will help travelers secure their portable devices during the summer travel season and throughout the year.

The Internal Revenue Service (IRS) has issued a news release warning tax professionals to beware of a new phishing email scam. Cyber criminals posing as state accounting and professional associations have been sending emails to entice their targets to reveal login credentials. Tax practitioners should be wary of unsolicited emails and forward email phishing attempts related to this scam to phishing@irs.gov.

NCCIC encourages users and administrators to review the IRS news release and NCCICs Tip on Avoiding Social Engineering and Phishing Attacks for more information.

FBI has released an article on using credit reports to build a digital defense against identify theft. FBI explains how identity theft can deal a devastating blow to consumers' credit history. However, regularly checking the accuracy of credit reports can help consumers minimize risk.

NCCIC encourages consumers to review the FBI Article and NCCIC's Tip on Preventing and Responding to Identity Theft.

NCCIC is aware of a sophisticated modular malware system known as VPNFilter. Devices known to be affected by VPNFilter include Linksys, MikroTik, NETGEAR, and TP-Link networking equipment, as well as QNAP network-attached storage (NAS) devices. Devices compromised by VPNFilter may be vulnerable to the collection of network traffic (including website credentials), as well as the monitoring of Modbus supervisory control and data acquisition (SCADA) protocols.

VPNFilter has a destructive capability that can make the affected device unusable. Because the malware can be triggered to affect devices individually or multiple devices at once, VPNFilter has the potential to cut off internet access for hundreds of thousands of users.

NCCIC encourages users and administrators to review the Cisco blog post on VPNFilter and NCCIC's Tip on Home Network Security for recommendations and to ensure that their devices are updated with the latest patches. NCCIC will provide updated information as it becomes available.

In the wake of the recent Texas school shooting, NCCIC advises users to watch out for possible malicious cyber activity seeking to capitalize on this tragic event. Users should exercise caution in handling emails related to the shooting, even if they appear to originate from trusted sources. Fraudulent emails often contain links or attachments that direct users to phishing or malware-infected websites. Emails requesting donations from duplicitous charitable organizations are also common after tragic events. Be wary of fraudulent social media pleas, calls, texts, donation websites, and door-to-door solicitations relating to the event.

To avoid becoming a victim of fraudulent activity, NCCIC encourages users and administrators to review NCCIC's Tips on Using Caution With Email Attachments and Avoiding Social Engineering and Phishing Attacks as well as the Federal Trade Commission's article on Before Giving to a Charity.

Mozilla has released a security update to address vulnerabilities in Thunderbird. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 52.8 and apply the necessary update.

The Internet Systems Consortium (ISC) has released updates that address vulnerabilities in versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition.

NCCIC encourages users and administrators to review ISC Knowledge Base Articles AA-01602 and AA-01606 and apply the necessary updates or workarounds.

Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:

• Digital Network Architecture Center Static Credentials Vulnerability cisco-sa-20180516-dnac
• Digital Network Architecture Center Authentication Bypass Vulnerability cisco-sa-20180516-dna2
• Digital Network Architecture Center Unauthorized Access Vulnerability cisco-sa-20180516-dna
• Enterprise NFV Infrastructure Software Linux Shell Access Vulnerability cisco-sa-20180516-nfvis
• Meeting Server Media Services Denial-of-Service Vulnerability cisco-sa-20180516-msms
• Identity Services Engine EAP TLS Certificate Denial-of-Service Vulnerability cisco-sa-20180516-iseeap
• IoT Field Network Director Cross-Site Request Forgery Vulnerability cisco-sa-20180516-fnd