The NCSC has released an advisory for mitigating the risks associated with mobile electronic devices. You can access the full advisory below.
If you have any questions regarding this advisory, please contact the NCSC at firstname.lastname@example.org
Mozilla has released a Security Advisory which details a number of vulnerabilities in several versions of the Firefox Internet browser and Thunderbird email client. The advisory outlines multiple vulnerabilities in the following products:
• Firefox versions prior to 22.0
• Firefox Extended Support Release (ESR) versions prior to 17.0.7
• Thunderbird versions prior to 17.0.7
• Thunderbird Extended Support Release (ESR) versions prior to 17.0.7
A security researcher has released details of a significant zero day vulnerability in some versions of the Plesk server management software. The code-execution vulnerability affects default versions 8.6, 9.0, 9.2, 9.3, and 9.5.4 of Plesk running on the Linux and FreeBSD operating systems. Windows and other types of Unix have not currently been tested to see if those configurations are vulnerable as well.
Reporting an Incident
If you are a New Zealand government institution or a Critical National Infrastructure (CNI) organisation and you have encountered or suspect the presence of a cyber threat, please complete and return an Incident Reporting Form. If required, you can speak with us directly on (04) 498-7654. All incident reports provided to the NCSC are treated in the strictest of confidence.
Some Interesting Stats
In its second year of operation, the NCSC saw an increase in the number of cyber security incidents reported, from a total of 90 in 2011, to a total of 134 in 2012. The bulk (60%) of the incidents reported to NCSC in 2012 originated from an overseas source.
The 2012 Sophos report states that approximately 30,000 new malicious URLs were found each day during the second half of 2011- an increase of 50% over the first half of the year.
In a research experiment, the Sophos Australia office purchased 50 USB flash drives from a lost property auction. A massive 66% of the drives were infected by malware.