From security em unicamp.br  Thu May 16 10:08:10 2013
From: security em unicamp.br (CSIRT - UNICAMP)
Date: Thu, 16 May 2013 13:08:10 +0000
Subject: [SECURITY-L] [cais@cais.rnp.br: CAIS-Alerta: Resumo dos Boletins de
	Segurana Microsoft - Maio/2013]
Message-ID: <20130516130810.GA99083@unicamp.br>

----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca <cais em cais.rnp.br> -----

From: Centro de Atendimento a Incidentes de Seguranca <cais em cais.rnp.br>
Subject: CAIS-Alerta: Resumo dos Boletins de Segurança Microsoft - Maio/2013
To: pop-seg em cais.rnp.br, rnp-alerta em cais.rnp.br, rnp-seg em cais.rnp.br
Date: Wed, 15 May 2013 15:56:07 -0300 (BRT)

-----BEGIN PGP SIGNED MESSAGE-----

Prezados,

A Microsoft publicou 10 boletins de segurança em 14 de maio de 2013
que abordam ao todo 33 vulnerabilidades em produtos da empresa. A 
exploração destas vulnerabilidades permitem execução remota de código,
negação de serviço, divulgação não autorizada de informações, entre 
outros.

Até o momento da publicação deste alerta não foram divulgados códigos de
exploração para as vulnerabilidades listadas.


SEVERIDADE

. Crítica

- - MS13-037 - Atualização de segurança cumulativa para o Internet Explorer

- - MS13-038 - Atualização de segurança para o Internet Explorer


. Importante

- - MS13-039 - Vulnerabilidade no HTTP.sys pode permitir a negação de serviço

- - MS13-040 - Vulnerabilidades no .NET Framework podem permitir falsificação

- - MS13-041 - Vulnerabilidade no Lync pode permitir a execução remota de código

- - MS13-042 - Vulnerabilidades no Microsoft Publisher podem permitir a 
             execução remota de código

- - MS13-043 - Vulnerabilidade no Microsoft Word pode permitir a execução 
             remota de código

- - MS13-044 - Vulnerabilidade no Microsoft Visio pode permitir a divulgação 
             de informações

- - MS13-045 - Vulnerabilidade no Windows Essentials pode permitir a 
             divulgação não autorizada de informações

- - MS13-046 - Vulnerabilidades nos drivers do modo kernel podem permitir a 
             elevação de privilégio


. Moderada

- - Nenhum boletim


. Baixa

- - Nenhum boletim


O sistema de classificação de severidade das vulnerabilidades adotado
pelo CAIS neste resumo é o da própria Microsoft. O CAIS recomenda que se
aplique, minimamente, as correções para vulnerabilidades classificadas
como crítica e importante. No caso de correções para vulnerabilidades
classificadas como moderadas o CAIS recomenda que ao menos as
recomendações de mitigação sejam seguidas.

. Crítica - Vulnerabilidades cuja exploração possa permitir a propagação
  de um worm sem a necessidade de interação com o usuário.

. Importante - Vulnerabilidades cuja exploração possa resultar no
  comprometimento de confidencialidade, integridade ou disponibilidade
  de dados de usuários ou a integridade ou disponibilidade de recursos
  de processamento.

. Moderada - exploração é mitigada significativamente por fatores como
  configuração padrão, auditoria ou dificuldade de exploração.

. Baixa - uma vulnerabilidade cuja exploração seja extremamente difícil
  ou cujo impacto seja mínimo.


CORREÇÕES DISPONÍVEIS

Recomenda-se atualizar os sistemas para as versões disponíveis em:

. Microsoft Update
  https://www.update.microsoft.com/microsoftupdate/

. Microsoft Download Center
  http://www.microsoft.com/pt-br/download/security.aspx

MAIS INFORMAÇÕES

. Resumo do Boletim de Segurança da Microsoft de maio 2013
  http://technet.microsoft.com/pt-br/security/bulletin/ms13-may

. Microsoft TechCenter de Segurança
  http://technet.microsoft.com/pt-br/security/

. Microsoft Security Response Center - MSRC
  http://www.microsoft.com/security/msrc/

. Microsoft Security Research & Defense - MSRD
  http://blogs.technet.com/srd/

. Central de Proteção e Segurança Microsoft
  http://www.microsoft.com/brasil/security/


Identificador CVE (http://cve.mitre.org <http://cve.mitre.org/>):

CVE-2013-0811, CVE-2013-1297, CVE-2013-1306, CVE-2013-1307, CVE-2013-1308,
CVE-2013-1309, CVE-2013-1310, CVE-2013-1311, CVE-2013-1312, CVE-2013-1313,
CVE-2013-2551, CVE-2013-1347, CVE-2013-1305, CVE-2013-1336, CVE-2013-1337,
CVE-2013-1302, CVE-2013-1316, CVE-2013-1317, CVE-2013-1318, CVE-2013-1319,
CVE-2013-1320, CVE-2013-1321, CVE-2013-1322, CVE-2013-1323, CVE-2013-1327,
CVE-2013-1328, CVE-2013-1329, CVE-2013-1335, CVE-2013-1301, CVE-2013-0096,
CVE-2013-1332, CVE-2013-1333, CVE-2013-1334


O CAIS recomenda que os administradores mantenham seus sistemas e
aplicativos sempre atualizados, de acordo com as últimas versões e
correções oferecidas pelos fabricantes.

Os Alertas do CAIS também são oferecidos no formato RSS/RDF e no Twitter:
http://www.rnp.br/cais/alertas/rss.xml
Siga @caisrnp


Atenciosamente,
Equipe do CAIS/RNP

################################################################
#   CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS)     #
#       Rede Nacional de Ensino e Pesquisa (RNP)               #
#                                                              #
# cais em cais.rnp.br       http://www.cais.rnp.br                #
# Tel. 019-37873300      Fax. 019-37873301                     #
# Chave PGP disponivel   http://www.rnp.br/cais/cais-pgp.key   #
################################################################
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Made with pgp4pine 1.76

iQCVAwUBUZPaS+kli63F4U8VAQG7/QP+MwpDMzy8vIm+ntOWFc1mq0yYnN1fkvlD
dFAN5ArOFtiromUfS5O2efttwsgq0tuBPLDM5xyRxMfMk3y1BqWY24FpV/Sf2K/I
CpUjQKixxhRNOGien+RKQulIjrhPgxaU3VSvciACwtr94lF95O/uKrg7qbhOilwz
Ysh3vTwY1oo=
=JiBM
-----END PGP SIGNATURE-----


----- End forwarded message -----


From security em unicamp.br  Tue May 21 15:23:41 2013
From: security em unicamp.br (CSIRT - UNICAMP)
Date: Tue, 21 May 2013 18:23:41 +0000
Subject: [SECURITY-L] Fwd:[US-CERT] TA13-141A: Washington,
	DC Radio Station Web Site Compromise
Message-ID: <20130521182341.GB47304@unicamp.br>


-------- Original Message --------
Subject: 	TA13-141A: Washington, DC Radio Station Web Site Compromises
Date: 	Tue, 21 May 2013 11:13:20 -0500
From: 	US-CERT <US-CERT em public.govdelivery.com>
Reply-To: 	US-CERT em public.govdelivery.com



TA13-141A: Washington, DC Radio Station Web Site Compromises

US Computer Emergency Readiness Team banner graphic

National Cyber Awareness System:

TA13-141A: Washington, DC Radio Station Web Site Compromises
<http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTMwNTIxLjE5MDIxMTgxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDEzMDUyMS4xOTAyMTE4MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MTMxMDMxJmVtYWlsaWQ9ZGFuaWVsYUBjY3VlYy51bmljYW1wLmJyJnVzZXJpZD1kYW5pZWxhQGNjdWVjLnVuaWNhbXAuYnImZmw9JmV4dHJhPU11bHRpdmFyaWF0ZUlkPSYmJg==&&&100&&&https://www.us-cert.gov/ncas/alerts/TA13-141A>
05/20/2013 05:59 PM EDT

Original release date: May 20, 2013 | Last revised: May 21, 2013


      Systems Affected

  * Microsoft Windows systems running Adobe Reader, Acrobat, or Oracle Java


      Overview

On May 16, 2013, US-CERT was notified that both
www.federalnewsradio[.]com and www.wtop[.]com had been compromised to
redirect Internet Explorer users to an exploit kit. As of May 17, 2013,
US-CERT analysis confirms that no malicious code remains on either site.


      Description

The compromised websites were modified to contain a hidden iframe
referencing a JavaScript file on a dynamic-DNS host. The file returned
from this site was identified as the Fiesta Exploit Kit. The exploit kit
script uses one of several known vulnerabilities to attempt to download
an executable:

  *

    CVE-2009-0927: Stack-based buffer overflow in Adobe Reader and Adobe
    Acrobat
    <http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTMwNTIxLjE5MDIxMTgxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDEzMDUyMS4xOTAyMTE4MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MTMxMDMxJmVtYWlsaWQ9ZGFuaWVsYUBjY3VlYy51bmljYW1wLmJyJnVzZXJpZD1kYW5pZWxhQGNjdWVjLnVuaWNhbXAuYnImZmw9JmV4dHJhPU11bHRpdmFyaWF0ZUlkPSYmJg==&&&101&&&http://www.adobe.com/support/security/bulletins/apsb09-04.html>

  *

    CVE-2010-0188: Unspecified vulnerability in Adobe Reader and Acrobat
    <http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTMwNTIxLjE5MDIxMTgxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDEzMDUyMS4xOTAyMTE4MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MTMxMDMxJmVtYWlsaWQ9ZGFuaWVsYUBjY3VlYy51bmljYW1wLmJyJnVzZXJpZD1kYW5pZWxhQGNjdWVjLnVuaWNhbXAuYnImZmw9JmV4dHJhPU11bHRpdmFyaWF0ZUlkPSYmJg==&&&102&&&http://www.adobe.com/support/security/bulletins/apsb10-07.html>

  *

    CVE-2013-0422: Multiple vulnerabilities in Oracle Java 7 before
    Update 11
    <http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTMwNTIxLjE5MDIxMTgxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDEzMDUyMS4xOTAyMTE4MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MTMxMDMxJmVtYWlsaWQ9ZGFuaWVsYUBjY3VlYy51bmljYW1wLmJyJnVzZXJpZD1kYW5pZWxhQGNjdWVjLnVuaWNhbXAuYnImZmw9JmV4dHJhPU11bHRpdmFyaWF0ZUlkPSYmJg==&&&103&&&http://www.oracle.com/technetwork/topics/security/alert-cve-2013-0422-1896849.html>

Any systems visiting running vulnerable versions of Adobe Reader or
Acrobat or Oracle Java may have been compromised.


      Impact

The exploit kit, once successful, delivers and executes a known variant
of the ZeroAccess Trojan. Additionally, according to open source
reporting
<http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTMwNTIxLjE5MDIxMTgxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDEzMDUyMS4xOTAyMTE4MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MTMxMDMxJmVtYWlsaWQ9ZGFuaWVsYUBjY3VlYy51bmljYW1wLmJyJnVzZXJpZD1kYW5pZWxhQGNjdWVjLnVuaWNhbXAuYnImZmw9JmV4dHJhPU11bHRpdmFyaWF0ZUlkPSYmJg==&&&104&&&http://www.invincea.com/2013/05/k-i-a-wtop-com-fednewsradio-and-tech-blogger-john-dvorak-blog-site-hijacked-exploits-java-and-adobe-to-distribute-fake-av-2/>,
the malware also downloads and installs a variant of FakeAV/Kazy malware.

The ZeroAccess Trojan attempts to beacon to one of two hardcoded
command-and-control addresses, 194[.]165[.]17[.]3 and
209[.]68[.]32[.]176. The beaconing occurs using an HTTP GET using the
Opera/10 user-agent string.

After beaconing, the malware then downloads a custom Microsoft Cabinet
file and the malware uses port UDP/16464 to connect to the peer-to-peer
network. This cabinet file contains several lists of IP addresses, as
well as a fake flash installer.


      Solution

Apply Updates

  * Adobe has provided updates for these vulnerabilities in Adobe
    Security Bulletin APSB09-04
    <http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTMwNTIxLjE5MDIxMTgxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDEzMDUyMS4xOTAyMTE4MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MTMxMDMxJmVtYWlsaWQ9ZGFuaWVsYUBjY3VlYy51bmljYW1wLmJyJnVzZXJpZD1kYW5pZWxhQGNjdWVjLnVuaWNhbXAuYnImZmw9JmV4dHJhPU11bHRpdmFyaWF0ZUlkPSYmJg==&&&105&&&https://www.adobe.com/support/security/bulletins/apsb09-04.html>
    and APSB10-07
    <http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTMwNTIxLjE5MDIxMTgxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDEzMDUyMS4xOTAyMTE4MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MTMxMDMxJmVtYWlsaWQ9ZGFuaWVsYUBjY3VlYy51bmljYW1wLmJyJnVzZXJpZD1kYW5pZWxhQGNjdWVjLnVuaWNhbXAuYnImZmw9JmV4dHJhPU11bHRpdmFyaWF0ZUlkPSYmJg==&&&102&&&http://www.adobe.com/support/security/bulletins/apsb10-07.html>.
  * Oracle has provided updates for this vulnerability in Oracle
    Security Alert for CVE-2013-0422
    <http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTMwNTIxLjE5MDIxMTgxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDEzMDUyMS4xOTAyMTE4MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MTMxMDMxJmVtYWlsaWQ9ZGFuaWVsYUBjY3VlYy51bmljYW1wLmJyJnVzZXJpZD1kYW5pZWxhQGNjdWVjLnVuaWNhbXAuYnImZmw9JmV4dHJhPU11bHRpdmFyaWF0ZUlkPSYmJg==&&&103&&&http://www.oracle.com/technetwork/topics/security/alert-cve-2013-0422-1896849.html>.

Identify Infected Systems

Monitor activity to the following IPs as a potential indicator of
infection where permitted and practical:

  * 209.68.32.176
  * 194.165.17.3


      References

  * WTOP and Federal News Radio Websites Back After Cyber Attack
    <http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTMwNTIxLjE5MDIxMTgxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDEzMDUyMS4xOTAyMTE4MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MTMxMDMxJmVtYWlsaWQ9ZGFuaWVsYUBjY3VlYy51bmljYW1wLmJyJnVzZXJpZD1kYW5pZWxhQGNjdWVjLnVuaWNhbXAuYnImZmw9JmV4dHJhPU11bHRpdmFyaWF0ZUlkPSYmJg==&&&106&&&http://wtop.com/41/3319697/WTOP-and-Federal-News-Radio-Websites-Back-After-Cyber-Attack/>
  * APSB09-04
    <http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTMwNTIxLjE5MDIxMTgxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDEzMDUyMS4xOTAyMTE4MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MTMxMDMxJmVtYWlsaWQ9ZGFuaWVsYUBjY3VlYy51bmljYW1wLmJyJnVzZXJpZD1kYW5pZWxhQGNjdWVjLnVuaWNhbXAuYnImZmw9JmV4dHJhPU11bHRpdmFyaWF0ZUlkPSYmJg==&&&101&&&http://www.adobe.com/support/security/bulletins/apsb09-04.html>
  * Stack-based buffer overflow in Adobe Reader and Adobe Acrobat
    <http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTMwNTIxLjE5MDIxMTgxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDEzMDUyMS4xOTAyMTE4MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MTMxMDMxJmVtYWlsaWQ9ZGFuaWVsYUBjY3VlYy51bmljYW1wLmJyJnVzZXJpZD1kYW5pZWxhQGNjdWVjLnVuaWNhbXAuYnImZmw9JmV4dHJhPU11bHRpdmFyaWF0ZUlkPSYmJg==&&&107&&&https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0927>
  * APSB10-07
    <http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTMwNTIxLjE5MDIxMTgxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDEzMDUyMS4xOTAyMTE4MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MTMxMDMxJmVtYWlsaWQ9ZGFuaWVsYUBjY3VlYy51bmljYW1wLmJyJnVzZXJpZD1kYW5pZWxhQGNjdWVjLnVuaWNhbXAuYnImZmw9JmV4dHJhPU11bHRpdmFyaWF0ZUlkPSYmJg==&&&102&&&http://www.adobe.com/support/security/bulletins/apsb10-07.html>
  * Unspecified vulnerability in Adobe Reader and Acrobat
    <http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTMwNTIxLjE5MDIxMTgxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDEzMDUyMS4xOTAyMTE4MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MTMxMDMxJmVtYWlsaWQ9ZGFuaWVsYUBjY3VlYy51bmljYW1wLmJyJnVzZXJpZD1kYW5pZWxhQGNjdWVjLnVuaWNhbXAuYnImZmw9JmV4dHJhPU11bHRpdmFyaWF0ZUlkPSYmJg==&&&108&&&https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0188>
  * Multiple vulnerabilities in Oracle Java 7 before Update 11
    <http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTMwNTIxLjE5MDIxMTgxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDEzMDUyMS4xOTAyMTE4MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MTMxMDMxJmVtYWlsaWQ9ZGFuaWVsYUBjY3VlYy51bmljYW1wLmJyJnVzZXJpZD1kYW5pZWxhQGNjdWVjLnVuaWNhbXAuYnImZmw9JmV4dHJhPU11bHRpdmFyaWF0ZUlkPSYmJg==&&&109&&&https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0422>
  * Oracle Security Alert for CVE-2013-0422
    <http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTMwNTIxLjE5MDIxMTgxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDEzMDUyMS4xOTAyMTE4MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MTMxMDMxJmVtYWlsaWQ9ZGFuaWVsYUBjY3VlYy51bmljYW1wLmJyJnVzZXJpZD1kYW5pZWxhQGNjdWVjLnVuaWNhbXAuYnImZmw9JmV4dHJhPU11bHRpdmFyaWF0ZUlkPSYmJg==&&&103&&&http://www.oracle.com/technetwork/topics/security/alert-cve-2013-0422-1896849.html>
  * K.I.A. ??? WTOP.com, FedNewsRadio and Tech Blogger John Dvorak Blog
    Site Hijacked ??? Exploits Java and Adobe to Distribute Fake A/V
    <http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTMwNTIxLjE5MDIxMTgxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDEzMDUyMS4xOTAyMTE4MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MTMxMDMxJmVtYWlsaWQ9ZGFuaWVsYUBjY3VlYy51bmljYW1wLmJyJnVzZXJpZD1kYW5pZWxhQGNjdWVjLnVuaWNhbXAuYnImZmw9JmV4dHJhPU11bHRpdmFyaWF0ZUlkPSYmJg==&&&104&&&http://www.invincea.com/2013/05/k-i-a-wtop-com-fednewsradio-and-tech-blogger-john-dvorak-blog-site-hijacked-exploits-java-and-adobe-to-distribute-fake-av-2/>


      Revision History

  * Initial release

------------------------------------------------------------------------

This product is provided subject to this Notification
<http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTMwNTIxLjE5MDIxMTgxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDEzMDUyMS4xOTAyMTE4MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MTMxMDMxJmVtYWlsaWQ9ZGFuaWVsYUBjY3VlYy51bmljYW1wLmJyJnVzZXJpZD1kYW5pZWxhQGNjdWVjLnVuaWNhbXAuYnImZmw9JmV4dHJhPU11bHRpdmFyaWF0ZUlkPSYmJg==&&&110&&&http://www.us-cert.gov/privacy/notification>
and this Privacy & Use
<http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTMwNTIxLjE5MDIxMTgxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDEzMDUyMS4xOTAyMTE4MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MTMxMDMxJmVtYWlsaWQ9ZGFuaWVsYUBjY3VlYy51bmljYW1wLmJyJnVzZXJpZD1kYW5pZWxhQGNjdWVjLnVuaWNhbXAuYnImZmw9JmV4dHJhPU11bHRpdmFyaWF0ZUlkPSYmJg==&&&111&&&http://www.us-cert.gov/privacy/>
policy.

------------------------------------------------------------------------
OTHER RESOURCES:
Contact Us
<http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTMwNTIxLjE5MDIxMTgxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDEzMDUyMS4xOTAyMTE4MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MTMxMDMxJmVtYWlsaWQ9ZGFuaWVsYUBjY3VlYy51bmljYW1wLmJyJnVzZXJpZD1kYW5pZWxhQGNjdWVjLnVuaWNhbXAuYnImZmw9JmV4dHJhPU11bHRpdmFyaWF0ZUlkPSYmJg==&&&112&&&http://www.us-cert.gov/contact-us/>
| Security Publications
<http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTMwNTIxLjE5MDIxMTgxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDEzMDUyMS4xOTAyMTE4MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MTMxMDMxJmVtYWlsaWQ9ZGFuaWVsYUBjY3VlYy51bmljYW1wLmJyJnVzZXJpZD1kYW5pZWxhQGNjdWVjLnVuaWNhbXAuYnImZmw9JmV4dHJhPU11bHRpdmFyaWF0ZUlkPSYmJg==&&&113&&&http://www.us-cert.gov/security-publications>
| Alerts and Tips
<http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTMwNTIxLjE5MDIxMTgxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDEzMDUyMS4xOTAyMTE4MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MTMxMDMxJmVtYWlsaWQ9ZGFuaWVsYUBjY3VlYy51bmljYW1wLmJyJnVzZXJpZD1kYW5pZWxhQGNjdWVjLnVuaWNhbXAuYnImZmw9JmV4dHJhPU11bHRpdmFyaWF0ZUlkPSYmJg==&&&114&&&http://www.us-cert.gov/ncas>
| Related Resources
<http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTMwNTIxLjE5MDIxMTgxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDEzMDUyMS4xOTAyMTE4MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MTMxMDMxJmVtYWlsaWQ9ZGFuaWVsYUBjY3VlYy51bmljYW1wLmJyJnVzZXJpZD1kYW5pZWxhQGNjdWVjLnVuaWNhbXAuYnImZmw9JmV4dHJhPU11bHRpdmFyaWF0ZUlkPSYmJg==&&&115&&&http://www.us-cert.gov/related-resources>


STAY CONNECTED:
Sign up for email updates
<http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTMwNTIxLjE5MDIxMTgxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDEzMDUyMS4xOTAyMTE4MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MTMxMDMxJmVtYWlsaWQ9ZGFuaWVsYUBjY3VlYy51bmljYW1wLmJyJnVzZXJpZD1kYW5pZWxhQGNjdWVjLnVuaWNhbXAuYnImZmw9JmV4dHJhPU11bHRpdmFyaWF0ZUlkPSYmJg==&&&116&&&http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new>


SUBSCRIBER SERVICES:
Manage Preferences
<http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTMwNTIxLjE5MDIxMTgxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDEzMDUyMS4xOTAyMTE4MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MTMxMDMxJmVtYWlsaWQ9ZGFuaWVsYUBjY3VlYy51bmljYW1wLmJyJnVzZXJpZD1kYW5pZWxhQGNjdWVjLnVuaWNhbXAuYnImZmw9JmV4dHJhPU11bHRpdmFyaWF0ZUlkPSYmJg==&&&117&&&http://public.govdelivery.com/accounts/USDHSUSCERT/subscribers/new?preferences=true>  |  Unsubscribe
<http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTMwNTIxLjE5MDIxMTgxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDEzMDUyMS4xOTAyMTE4MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MTMxMDMxJmVtYWlsaWQ9ZGFuaWVsYUBjY3VlYy51bmljYW1wLmJyJnVzZXJpZD1kYW5pZWxhQGNjdWVjLnVuaWNhbXAuYnImZmw9JmV4dHJhPU11bHRpdmFyaWF0ZUlkPSYmJg==&&&118&&&https://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/one_click_unsubscribe?verification=5.7c8ce4d3117305e79fd4ab8b330b9e90&destination=daniela em ccuec.unicamp.br>  |  Help
<mailto:support em govdelivery.com>