IC3 Issues Alert on RDP Exploitation

Original release date: September 28, 2018

The Internet Crime Complaint Center (IC3), in collaboration with DHS and the Federal Bureau of Investigation, has released an alert on cyber threat actors maliciously using legitimate remote administration tools, such as Remote Desktop Protocol (RDP). Threat actors identify and exploit vulnerable RDP sessions to facilitate credential theft and ransomware infection.

NCCIC encourages users and administrators to review the IC3 Alert and the NCCIC Tips on Securing Network Infrastructure Devices and Choosing and Protecting Passwords. If you believe you are a victim of cybercrime, file a complaint with IC3 at www.ic3.gov.


This product is provided subject to this Notification and this Privacy & Use policy.


DNSSEC Key Signing Key Rollover

Original release date: September 27, 2018 | Last revised: September 28, 2018

On October 11, 2018, the Internet Corporation for Assigned Names and Numbers (ICANN) will be changing the Root Zone Key Signing Key (KSK) used in the Domain Name System (DNS) Security Extensions (DNSSEC) protocol.

DNSSEC is a set of protocol extensions used to digitally sign DNS information, an important part of preventing domain name hijacking. Updating the DNSSEC KSK is a crucial security step in ensuring that DNSSEC-validating DNS resolvers continue to function after the rollover. While DNSSEC validation is mandatory for federal agencies, it is not required of the private sector. Organizations that do not use DNSSEC validation will be unaffected by the rollover.

NCCIC encourages administrators to update their DNSSEC KSK before October 11, 2018. See the National Institute of Standards and Technology/National Telecommunications and Information Administration Roll Ready site and the ICANN Root Zone KSK Rollover resources page for more information.




Google backtracks—a bit—on controversial Chrome sign-in feature

Privacy-conscious users were unhappy at being signed in to browser without consent.

Google will partially revert a controversial change made in Chrome 69 that unified signing in to Google's online properties with signing in to Chrome itself, and that also preserved Google's cookies even when users chose to clear all cookies. Chrome 70, due in mid-October, will retain the unified sign-in by default, but it will allow those who want to opt out to do so.

Chrome has long had the ability to sign in with a Google account. Doing this offers a number of useful features; most significantly, signed-in users can enable syncing of their browser data between devices, so tabs open on one machine can be listed and opened on another, passwords saved in the browser can be retrieved online, and so on. This signing in uses a regular Google account, the same as would be used to sign in to Gmail or the Google search engine.

Prior to Chrome 69, signing in to the browser was independent of signing in to a Google online property. You could be signed in to Gmail, for example, but signed out of the browser to ensure that your browsing data never gets synced and stored in the cloud. Chrome 69 unified the two: signing in to Google on the Web would automatically sign you in to the browser, using the same account. Similarly, signing out of a Google property on the Web would sign you out of the browser.

NCCIC Webinar Series on Protecting Enterprise Network Infrastructure Devices

Original release date: September 27, 2018

NCCIC is conducting a series of webinars on protecting enterprise network infrastructure devices. Each webinar will be held from 1-2:30 p.m. ET on the dates listed below:

Thursday, September 27
Tuesday, Oc…

NCCIC encourages decision makers, network defenders, and procurement analysts to register for the webinar by clicking on one of the dates listed above. The webinar will feature a discussion on identified threats, trends in the field, and insights from DHS’s binding operational directive impacting federal agencies.

