[VIM] US national vulnerability database hacked (fwd)
jericho at attrition.org
Wed Mar 13 21:11:20 CDT 2013
Guess this explains the outage.
---------- Forwarded message ----------
From: Richard Forno <rforno at infowarrior.org>
US national vulnerability database hacked
By Jack Clark in San Francisco ? Get more from this author
Posted in Security, 14th March 2013 01:17 GMT
The US government's online catalog of cyber-vulnerabilities has been taken
offline ? ironically, due to a software vulnerability.
The National Institute of Standards and Technology's National
Vulnerability Database's (NVD) public-facing website and other services
have been offline since Friday due to a malware infection on two web
servers, it emerged on Wednesday.
The Register received an anonymous tip-off about the infection on
Wednesday afternoon, which led us to a Google+ post containing information
"On Friday March 8, a NIST firewall detected suspicious activity and took
steps to block unusual traffic from reaching the Internet," Gail Porter of
NIST's public inquiries office told a concerned chief security officer in
an email, according to the post.
"NIST began investigating the cause of the unusual activity and the
servers were taken offline. Malware was discovered on two NIST Web servers
and was then traced to a software vulnerability."
There is no evidence that NIST web pages were used to serve malware,
Porter wrote, and the organization is "continuing to respond to the
So far, NIST is doing everything by the literal book, as section 4.3.4 of
its own Guide to Malware Incident Prevention and Handling (PDF) says that
if you do get infected by malware, "containing incidents by placing
temporary restrictions on network connectivity can be very effective".
More information about the VIM