Financial sector advisory: attacks and threats against financial institutions
Wednesday (19 SEP) proved to be a day of hand-wringing and concern for the financial sector as the online presences of both Chase and Bank of America suffered outages and performance impact, allegedly due to distributed denial of service (DDoS) attacks.
Financial Services Information Sharing and Analysis Center (FS-ISAC) has raised its Cyber Threat Level from 'Elevated' to 'High' on the basis of "credible intelligence regarding the potential for DDoS and other cyber-attacks against financial institutions".
According to Reuters, FS-ISAC’s advisory comes right on the heels of a "fraud alert" that the FBI published advising financial services firms that cyber criminals may be disrupting service to their websites in a bid to keep banks from noticing a recent surge in fraudulent large-sized wire transfers.
These attacks also follow a statement posted to the Internet in which the claimant stated attacks would continue until “the film that had stirred up anti-U.S. protests across the Middle East was "erased" from the Internet.”
Source article: http://news.yahoo.com/jpmorgan-chase-consumer-website-intermittently-down-182802693--sector.html
If ISC learns of any consistencies in data that can be correlated, we’ll be sure to keep you informed and stand ready to assist.
Meanwhile, per FS-ISAC, particularly for those of you defending resources in the financial sector, “maintain a heightened level of awareness, apply all appropriate updates and update AV and IDS/IPS signatures, ensure constant diligence in monitoring and quick response to any malicious events.”
Apple and Cisco Security Advisories 19 SEP 2012
Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client
The Cisco AnyConnect Secure Mobility Client is affected by multiple vulnerabilities.
Advisory ID: cisco-sa-20120620-ac
Apple security updates:
APPLE-SA-2012-09-19-1 iOS 6
APPLE-SA-2012-09-19-2 OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and
Security Update 2012-004
APPLE-SA-2012-09-19-3 Safari 6.0.1
Security Update 2012-004
Keywords: Apple Security Update CISCO Security Advisory internet isc sans security threat vulnerability
0 comment(s)Flash Player update but no announcement, check your version http://www.adobe.com/software/flash/about/
ISC StormCast for Thursday, September 20th 2012 http://isc.sans.edu/podcastdetail.html?id=2818
IE Fixes Available
Hoping to put a close on Monday's IE Zero-day vulnerability (https://isc.sans.edu/diary.html?storyid=14107) Microsoft has announced the release of a FixIt (http://support.microsoft.com/kb/2757760) to address the issue, with a patch to be made available via Windows Update this friday (http://blogs.technet.com/b/msrc/archive/2012/09/19/internet-explorer-fix-it-available-now-security-update-scheduled-for-friday.aspx)
Can we look forward to more timely security patch releases from Microsoft? That would be good news indeed.
Keywords:
12 comment(s)
×
![modal content]()
Diary Archives
Comments
Anonymous
Dec 3rd 2022
10 months ago
Anonymous
Dec 3rd 2022
10 months ago
<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure. The social networks are not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go.
<a hreaf="https://technolytical.com/">the social network</a> is not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go. The social networks only collect the minimum amount of information required for the service that they provide. Your personal information is kept private, and is never shared with other companies without your permission
Anonymous
Dec 26th 2022
9 months ago
Anonymous
Dec 26th 2022
9 months ago
<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> nearest public toilet to me</a>
<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> public bathroom near me</a>
Anonymous
Dec 26th 2022
9 months ago
<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> nearest public toilet to me</a>
<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> public bathroom near me</a>
Anonymous
Dec 26th 2022
9 months ago
Anonymous
Dec 26th 2022
9 months ago
https://defineprogramming.com/
Dec 26th 2022
9 months ago
distribute malware. Even if the URL listed on the ad shows a legitimate website, subsequent ad traffic can easily lead to a fake page. Different types of malware are distributed in this manner. I've seen IcedID (Bokbot), Gozi/ISFB, and various information stealers distributed through fake software websites that were provided through Google ad traffic. I submitted malicious files from this example to VirusTotal and found a low rate of detection, with some files not showing as malware at all. Additionally, domains associated with this infection frequently change. That might make it hard to detect.
https://clickercounter.org/
https://defineprogramming.com/
Dec 26th 2022
9 months ago
rthrth
Jan 2nd 2023
9 months ago