[Infowarrior] - US national vulnerability database hacked

Richard Forno rforno at infowarrior.org
Wed Mar 13 21:06:55 CDT 2013


US national vulnerability database hacked

http://www.theregister.co.uk/2013/03/14/us_malware_catalogue_hacked/

By Jack Clark in San Francisco • Get more from this author

Posted in Security, 14th March 2013 01:17 GMT

The US government's online catalog of cyber-vulnerabilities has been taken offline – ironically, due to a software vulnerability.

The National Institute of Standards and Technology's National Vulnerability Database's (NVD) public-facing website and other services have been offline since Friday due to a malware infection on two web servers, it emerged on Wednesday.

The Register received an anonymous tip-off about the infection on Wednesday afternoon, which led us to a Google+ post containing information from NIST.

"On Friday March 8, a NIST firewall detected suspicious activity and took steps to block unusual traffic from reaching the Internet," Gail Porter of NIST's public inquiries office told a concerned chief security officer in an email, according to the post.

"NIST began investigating the cause of the unusual activity and the servers were taken offline. Malware was discovered on two NIST Web servers and was then traced to a software vulnerability."

There is no evidence that NIST web pages were used to serve malware, Porter wrote, and the organization is "continuing to respond to the incident."

So far, NIST is doing everything by the literal book, as section 4.3.4 of its own Guide to Malware Incident Prevention and Handling (PDF) says that if you do get infected by malware, "containing incidents by placing temporary restrictions on network connectivity can be very effective".

The Register has requested more information o

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.



More information about the Infowarrior mailing list