US national vulnerability database hacked
Malware infection forces government vuln catalog offline
Regcast training : Hyper-V 3.0, VM high availability and disaster recovery
The US government's online catalog of cyber-vulnerabilities has been taken offline – ironically, due to a software vulnerability.
The National Institute of Standards and Technology's National Vulnerability Database's (NVD) public-facing website and other services have been offline since Friday due to a malware infection on two web servers, it emerged on Wednesday.
The Register received an anonymous tip-off about the infection on Wednesday afternoon, which led us to a Google+ post containing information from NIST.
"On Friday March 8, a NIST firewall detected suspicious activity and took steps to block unusual traffic from reaching the Internet," Gail Porter of NIST's public inquiries office told a concerned chief security officer in an email, according to the post.
"NIST began investigating the cause of the unusual activity and the servers were taken offline. Malware was discovered on two NIST Web servers and was then traced to a software vulnerability."
There is no evidence that NIST web pages were used to serve malware, Porter wrote, and the organization is "continuing to respond to the incident."
So far, NIST is doing everything by the literal book, as section 4.3.4 of its own Guide to Malware Incident Prevention and Handling (PDF) says that if you do get infected by malware, "containing incidents by placing temporary restrictions on network connectivity can be very effective".
The Register has requested more information on the problem, but NIST had not responded at the time of filing. ®
COMMENTS
It's like rain on your wedding day.
<< add list of other things that are definitely NOT ironic >>
Re: Irony?
It was el-reg that got the tip-off not NIST, so no one was "grassed up", as far as I can tell from this story NIST found it themselves (clappity) and dealt with it appropriately (gold star for them).
It seems that these days malware happens and generally speaking it just continues to happen until it is exploited, in this case they may have shut the gate on the horse as it was attempting to bolt and for this they should be commended.
It's still funny though :3
Re: "Locking the stable door after the horse ... " gets a malware?
AC @ 09:26
Either you are experiencing some difficulties with comprehension here or just like trolling.
7th March IIS
8th March Firewall activity notified site taken down
9th March Apache place-holder installed
IT infrastructure monitoring strategies
Agentless Backup is Not a Myth
Top 10 SIEM implementer’s checklist
Steps to Take Before Choosing a Business Continuity Partner
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider
