Financial sector advisory: attacks and threats against financial institutions

Published: 2012-09-20
Last Updated: 2012-09-20 16:20:49 UTC
by Russ McRee (Version: 1)
1 comment(s)

 

Wednesday (19 SEP) proved to be a day of hand-wringing and concern for the financial sector as the online presences of both Chase and Bank of America suffered outages and performance impact, allegedly due to distributed denial of service (DDoS) attacks.
Financial Services Information Sharing and Analysis Center (FS-ISAC) has raised its Cyber Threat Level from 'Elevated' to 'High' on the basis of "credible intelligence regarding the potential for DDoS and other cyber-attacks against financial institutions".
According to Reuters, FS-ISAC’s advisory comes right on the heels of a "fraud alert" that the FBI published advising financial services firms that cyber criminals may be disrupting service to their websites in a bid to keep banks from noticing a recent surge in fraudulent large-sized wire transfers.
These attacks also follow a statement posted to the Internet in which the claimant stated attacks would continue until “the film that had stirred up anti-U.S. protests across the Middle East was "erased" from the Internet.”
 
 
If ISC learns of any consistencies in data that can be correlated, we’ll be sure to keep you informed and stand ready to assist.
Meanwhile, per FS-ISAC, particularly for those of you defending resources in the financial sector, “maintain a heightened level of awareness, apply all appropriate updates and update AV and IDS/IPS signatures, ensure constant diligence in monitoring and quick response to any malicious events.”

 

Keywords: DDoS hacking internet isc phishing sans security threat vulnerability
1 comment(s)

Apple and Cisco Security Advisories 19 SEP 2012

Published: 2012-09-20
Last Updated: 2012-09-20 06:01:01 UTC
by Russ McRee (Version: 1)
0 comment(s)

Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client
The Cisco AnyConnect Secure Mobility Client is affected by multiple vulnerabilities.
 
Apple security updates:
APPLE-SA-2012-09-19-2 OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and
Security Update 2012-004
APPLE-SA-2012-09-19-3 Safari 6.0.1

Russ McRee | @holisticinfosec

Keywords: Apple Security Update CISCO Security Advisory internet isc sans security threat vulnerability
0 comment(s)
Flash Player update but no announcement, check your version http://www.adobe.com/software/flash/about/
ISC StormCast for Thursday, September 20th 2012 http://isc.sans.edu/podcastdetail.html?id=2818

IE Fixes Available

Published: 2012-09-20
Last Updated: 2012-09-20 01:57:47 UTC
by Kevin Liston (Version: 1)
12 comment(s)

Hoping to put a close on Monday's IE Zero-day vulnerability (https://isc.sans.edu/diary.html?storyid=14107) Microsoft has announced the release of a FixIt (http://support.microsoft.com/kb/2757760) to address the issue, with a patch to be made available via Windows Update this friday (http://blogs.technet.com/b/msrc/archive/2012/09/19/internet-explorer-fix-it-available-now-security-update-scheduled-for-friday.aspx)

Can we look forward to more timely security patch releases from Microsoft?  That would be good news indeed.

Keywords:
12 comment(s)

Comments

cwqwqwq

www

Nov 17th 2022
4 months ago

eweew<a href="https://www.seocheckin.com/edu-sites-list/">mashood</a>

EEW

Nov 17th 2022
4 months ago

WQwqwqwq[url=https://www.seocheckin.com/edu-sites-list/]mashood[/url]

qwq

Nov 17th 2022
4 months ago

dwqqqwqwq mashood

mashood

Nov 17th 2022
4 months ago

[https://isc.sans.edu/diary.html](https://isc.sans.edu/diary.html)

isc.sans.edu

Nov 23rd 2022
4 months ago

[https://isc.sans.edu/diary.html | https://isc.sans.edu/diary.html]

isc.sans.edu

Nov 23rd 2022
4 months ago

What's this all about ..?

isc.sans.edu

Dec 3rd 2022
3 months ago

password reveal .

isc.sans.edu

Dec 3rd 2022
3 months ago

<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure:

<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure. The social networks are not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go.

<a hreaf="https://technolytical.com/">the social network</a> is not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go. The social networks only collect the minimum amount of information required for the service that they provide. Your personal information is kept private, and is never shared with other companies without your permission

isc.sans.edu

Dec 26th 2022
3 months ago

https://thehomestore.com.pk/

isc.sans.edu

Dec 26th 2022
3 months ago

Login here to join the discussion.


Diary Archives