The Register® — Biting the hand that feeds IT

Feeds

US national vulnerability database hacked

Malware infection forces government vuln catalog offline

Customer Success Testimonial: Recovery is Everything

The US government's online catalog of cyber-vulnerabilities has been taken offline – ironically, due to a software vulnerability.

The National Institute of Standards and Technology's National Vulnerability Database's (NVD) public-facing website and other services have been offline since Friday due to a malware infection on two web servers, it emerged on Wednesday.

The Register received an anonymous tip-off about the infection on Wednesday afternoon, which led us to a Google+ post containing information from NIST.

"On Friday March 8, a NIST firewall detected suspicious activity and took steps to block unusual traffic from reaching the Internet," Gail Porter of NIST's public inquiries office told a concerned chief security officer in an email, according to the post.

"NIST began investigating the cause of the unusual activity and the servers were taken offline. Malware was discovered on two NIST Web servers and was then traced to a software vulnerability."

There is no evidence that NIST web pages were used to serve malware, Porter wrote, and the organization is "continuing to respond to the incident."

So far, NIST is doing everything by the literal book, as section 4.3.4 of its own Guide to Malware Incident Prevention and Handling (PDF) says that if you do get infected by malware, "containing incidents by placing temporary restrictions on network connectivity can be very effective".

The Register has requested more information on the problem, but NIST had not responded at the time of filing. ®

Ensure Ease of Recovery with Asigra’s Agentless Software

It's like rain on your wedding day.

<< add list of other things that are definitely NOT ironic >>

1
0

Re: Irony?

It was el-reg that got the tip-off not NIST, so no one was "grassed up", as far as I can tell from this story NIST found it themselves (clappity) and dealt with it appropriately (gold star for them).

It seems that these days malware happens and generally speaking it just continues to happen until it is exploited, in this case they may have shut the gate on the horse as it was attempting to bolt and for this they should be commended.

It's still funny though :3

1
0

Re: "Locking the stable door after the horse ... " gets a malware?

AC @ 09:26

Either you are experiencing some difficulties with comprehension here or just like trolling.

7th March IIS

8th March Firewall activity notified site taken down

9th March Apache place-holder installed

1
0

More from The Register

 breaking news
NSA PRISM-gate: Relax, GCHQ spooks 'keep us safe', says Cameron
Whatever they are up to, it's all above board, we're told
PRISM snitch claims NSA hacked Chinese targets since 2009
Snowden suddenly looks safer in Hong Kong after revelations
 breaking news
US chief spook: Look, we only want to spy on 6.66 BEELLLION of you
Americans assured they are not in the NSA's sights
Speech-to-text drives motorists to distraction
Will talking to you mean I crash into that car up ahead, Siri?
DHS warns of vulns in hospital medical equipment
Has your doctor's anasthesia machine been hacked?
 breaking news
Yes, maybe we should keep hackers in the clink for YEARS, mulls EU
Watch out black hats, they just might throw away the key
Microsoft borks botnet takedown in Citadel snafu
Stupid Redmond kicked over our honeypots, wail white hats
Critical Java SE update due Tuesday fixes 40 flaws
And yes, most are remotely exploitable
NSA accused of new crimes ... against slideware
They may take our information but they cannot take our REFINED AESTHETICS