INFO SEC_Vulnerability Summary for the Week

National Cyber Awareness System:

ISC Releases Security Updates for BIND

02/18/2015 09:38 PM EST

Original release date: February 18, 2015

The Internet Systems Consortium (ISC) has released security updates to address a vulnerability in BIND. Exploitation of this vulnerability may allow a remote attacker to cause a denial of service condition.

Updates available include:

• BIND 9.9.6-P2
• BIND 9.10.1-P2

Users and administrators are encouraged to review ISC Knowledge Base Article AA-01235 and apply the necessary updates.

IRS Issues Warning for a Scam Targeting Tax Preparers

02/18/2015 09:46 PM EST

Original release date: February 18, 2015

The Internal Revenue Service (IRS) has issued a press release addressing a new spear phishing scam targeting tax preparers and other tax professionals. Scam operators often use fraudulent e-mails to entice their targets to reveal login credentials.

US-CERT encourages users and administrators to review the IRS press release for details and refer to US-CERT Security Tip ST15-001 for information on "tax" themed phishing attacks.