1. Torpig Trojan Horse Attack Activity
(News/CERT)

US-CERT is aware of public reports of a high volume of financial accounts compromised by the Torpig (also known as Sinowal or Anserin) Trojan horse. This Trojan horse uses HTML injection to add fields

2. Fake Antivirus Software Circulating
(News/CERT)

... malicious links, private messages on social networking sites, infection from other malware, and from visiting compromised websites. Quite often, this malware attempts to convince users that there is ...

3. SSH Key-based Attacks
(News/CERT)

US-CERT is aware of active attacks against linux-based computing infrastructures using compromised SSH keys. The attack appears to initially use stolen SSH keys to gain access to a system, and then us

4. SSH Key-based Attacks
(News/CERT)

US-CERT is aware of active attacks against linux-based computing infrastructures using compromised SSH keys. The attack appears to initially use stolen SSH keys to gain access to a system, and then us

5. Red Hat Releases OpenSSH Security Update
(News/CERT)

...intrusion, an attacker was able to sign a small number of OpenSSH packages. Red Hat has provided a list of the compromised packages and has released updated versions of the OpenSSH packages as a preca...

6. Microsoft Releases Security Advisory
(News/CERT)

...be able to compromise the website and inject arbitrary content or obtain sensitive data. Any user visiting the compromised site may be unknowingly redirected to a malicious website that could attempt ...

7. Compromised Websites Hosting Malicious JavaScript
(News/CERT)

US-CERT is following reports of SQL injection attacks that have compromised a large number of legitimate websites. The compromised websites contain injected JavaScript that attempts to exploit multipl

8. Apple QuickTime Vulnerability Report
(News/CERT)

...to execute arbitrary code. This vulnerability may have several attack vectors, such as visiting a malicious or compromised website. US-CERT is currently investigating this report and will provide addi...

9. Apple QuickTime Vulnerability
(News/CERT)

...to execute arbitrary code. This vulnerability may have several attack vectors, such as visiting a malicious or compromised website.US-CERT encourages users to use caution when opening QuickTime files,...

10. Compromised Websites Redirect Users to Malicious Websites
(News/CERT)

US-CERT has seen reports of an attack that has compromised a large number of legitimate websites. The reports indicate that attackers are modifying the sites and embedding JavaScript code. Users who v

11. Websites Compromised Through SQL Injection
(News/CERT)

US-CERT has seen reports of an attack that has compromised a large number of legitimate websites. The reports indicate that attackers are modifying the sites and embedding a reference to JavaScript co

12. Fake Mac Cleaning Tool Circulating
(News/CERT)

...l circulating for Apple Mac OS, known as MacSweeper. When installed, this rouge software states that there are compromised files on the user's system and that to clean or fix the files the user must p...

13. Widespread SQL Injection Attacks Compromising Websites
(News/CERT)

US-CERT is aware of widespread SQL injection attacks compromising websites across all sectors.  The compromised sites have been modified to include a reference to a malicious JavaScript file. Whe

14. FBI Announces Results of Operation Bot Roast II
(News/CERT)

... Roast II" has successfully identified and captured eight individuals responsible for infecting over 1 million compromised computers. For more information, visit http://www.us-cert.gov/press_room/botr...