Network Services

August 27, 2009
Top 10 Spam Subject Lines
Threat Rank: HIGH

Spam campaigns can change rapidly so any spam, or missed spam, you receive in your inbox may not necessarily correspond with the spam subjects in this list, as these subjects may be blocked by your anti-spam software if installed.

1. You've received a greeting e-card

2. Virtualization Webinar

3. Masters degree with no efforts

4. Career Advancement Opportunities - July of 2009

5. Webinar: Think Big: Create Efficiencies With an Enterprise-Wide

6. Non-profit job from home

7. Administrative Certification: Increase Productivity with Superior Organizational Skills

8. Administrative Certification: Gain Credibility by Maximizing Your Productivity

9. You can wear Tag Heuer watch now

10. You can wear Cartier watch now

If your personal information is stolen, four steps to take
Threat Rank: HIGH

It's important to protect your personal information, and to take certain steps quickly to minimize the potential damage from identity theft if your information is accidentally disclosed or deliberately stolen:

1. Place a "Fraud Alert" on your credit reports, and review those reports carefully. Notifying one of the three nationwide consumer reporting companies is sufficient.

2. Contact your bank or other financial institution(s) and close any accounts that have been tampered with or established fraudulently.

3. File a police report with local law enforcement officials. This is an essential step for protecting your rights.

4. Report your theft to the Federal Trade Commission, online, by phone, or by mail.

Current Spam Categories

August 19, 2009
Vulnerabilities in Microsoft Office Web Components
Threat Rank: HIGH

Description: This security update resolves several privately reported vulnerabilities in Microsoft Office Web Components that could allow remote code execution if a user viewed a specially crafted Web page. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the local user.

What to do: Microsoft recommends that customers apply the update immediately.

Vulnerabilities in Remote Desktop Connection
Threat Rank: HIGH

Description: This security update is rated Important for default versions of RDP on supported editions of Windows Vista, Windows Vista for x64-based Systems, and Remote Desktop Connection Client for Mac 2.0 and is rated Critical for default versions of RDP on all other supported Windows editions. The security update addresses the vulnerabilities by changing the way the Remote Desktop Connection deals with unexpected parameters sent by the RDP server and by correctly validating parameters passed to the Remote Desktop Connection ActiveX control methods.

What to do: The majority of customers have automatic updating enabled and will not need to take any action because this security update will be downloaded and installed automatically.

Cisco Releases Security Advisory for Firewall Services Module Vulnerability
Threat Rank: HIGH

Description: Cisco has released a security advisory to address a vulnerability in the Firewall Services Module (FWSM) for the Catalyst 6500 series switches and the 7600 series routers. By sending specially crafted ICMP messages to the Firewall Services Module, an attacker can cause a denial-of-service condition.

What to do: US-CERT encourages users and administrators to review Cisco security advisory cisco-sa-20090819-fwsm and apply any necessary updates or workarounds to help mitigate the risks.

Apr09     Jun09    Jul09    Aug09    Sep09    Oct09    Nov09    Dec09    Jan10