Their PGP keys have expired =) Sending email to US-CERT
When sending sensitive information to US-CERT via email, we encourage you to encrypt your messages. US-CERT uses multiple public keys based upon their purpose. If the purpose of your communication is a cyber security incident report, vulnerability report, or any other technical question related to cyber security, please use the following key: User ID: US-CERT Security Operations Center <s...@us-cert.gov> Key ID: B832BE70 Key Type: RSA Expires: 2009-10-01 Key size: 2048 Fingerprint: 195E 7A9E CCD9 9504 3CA7 E26E 13D4 4840 B832 BE70 Information about other keys can be found on Contacting US-CERT. & Receiving publications in email from US-CERT US-CERT signs the email distribution of all US-CERT publications, including Cyber Security Alerts, Technical Cyber Security Alerts, Cyber Security Bulletins and Cyber Security Tips with the following key: User ID: US-CERT Publications Key <us-c...@us-cert.gov> Key ID: 0x3E1F88AB Key Type: RSA Expires: 2009-10-01 Key Size: 2048 Fingerprint: E0BF 6D0E 88C1 1FFC F93F 571B 7207 9633 3E1F 88AB http://www.us-cert.gov/pgp/email.html On Sun, Jan 11, 2009 at 10:29 PM, Chris Wallis <w...@c-tek.org> wrote: > Just got this from US Cert. With what's going on with this list. I fought > I might share with you all... > > With some of the crap on this list lately I really do hope it is spambots... > > ~Chris Wallis > > > __________ > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > US-CERT Current Activity > > Malicious Code Circulating via Israel/Hamas Conflict Spam Messages > > Original release date: January 9, 2009 at 9:25 am Last revised: January 9, > 2009 at 9:25 am > > > US-CERT is aware of public reports of malicious code circulating via spam > email messages related to the Israel/Hamas conflict in Gaza. > These messages may contain factual information about the conflict and > appear to come from CNN. Additionally, the messages indicate that > additional news coverage of the conflict can be viewed by following a link > provided in the email body. If users click on this link, they are > redirected to a bogus CNN website that appears to contain a video. > Users who attempt to view this video will be prompted to update to a new > version of Adobe Flash Player in order to view the video. This update is > not a legitimate Adobe Flash Player update; it is malicious code. If users > download this executable file, malicious code may be installed on their > systems. > > US-CERT encourages users and administrators to take the following > preventative measures to help mitigate the security risks: > * Install antivirus software, and keep the virus signatures up to > date. > * Do not follow unsolicited links and do not open unsolicited email > messages. > * Use caution when visiting untrusted websites. > * Use caution when downloading and installing applications. > * Obtain software applications and updates directly from the > vendor's website. > * Refer to the Recognizing and Avoiding Email Scams (pdf) document > for more information on avoiding email scams. > * Refer to the Avoiding Social Engineering and Phishing Attacks > document for more information on social engineering attacks. > > Relevant Url(s): > <http://www.us-cert.gov/cas/tips/ST04-014.html> > > <http://www.us-cert.gov/reading_room/emailscams_0905.pdf> > > ==== > This entry is available at > http://www.us-cert.gov/current/index.html#malware_circulating_via_email_messages > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.5 (GNU/Linux) > > iQEVAwUBSWdhW3IHljM+H4irAQJcFAgAjGyje+ahBx/YguARXCI1CAYY/5zWoL1s > Zg5n1Ly+cB3kte8ZgVUoOb2CrHor8HxMhu3kVkD0T4yFpK1UOi9W4ERbe2ntVKGh > 2nISPXPWOmn9glexc9EnvBBmEUEEv3Uu8m6M5uykUisJMcfje5LVt1I9BtgESqmu > x9cTWACgciA+wgDHnaspKjxUOFaAy2c4SFBt+S/5FtzU4t43f6CThD4V4b3MO06y > 2m46lkWe4fJdQBd7tboj0CK+vX7IKtplPzL7VG+L36idn0ZBFwNMAJTiuHSjdEA1 > fvLBMjMm4bBblUet4Mf4oKatkElqLXCZDMdaWJ1JPuCc6Lc5ChEMGQ== > =PU6L > -----END PGP SIGNATURE----- > > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/