NIST restructuring bill passes committee

Major malware campaign abuses unfixed PDF flaw

Cybersecurity Update – Tune in weekdays at 30 minutes past the hour for the latest cybersecurity news on The Federal Drive with Tom Temin and Jane Norris (6-10 a.m.) and The Daily Debrief with Chris Dorobek and Amy Morris (3-7 p.m.). Listen live at FederalNewsRadio.com or on the radio at 1500 and 820 AM in the Washington, D.C. metro area.

  • A bill that would provide for the first major restructuring of the National Institute of Standards and Technology in more than two decades won approval by a House committee Wednesday. GovInfoSecurity.com reports the America COMPETES Reauthorization Act would cut the number of NIST labs from 10 to six and promote the NIST director to undersecretary for standards and technology in the Department of Commerce. The NIST unit that provides IT and cybersecurity guidance to federal agencies would remain the same, while restructuring the remaining five labs.
  • Several security companies today warned of a major malware campaign that tries to fool users into opening PDFs that exploit a format design flaw. Computer World reports that users who open the attack PDFs are infected with a variety of a Windows worm known as “Auraax” or “Emold,”. The malicious messages masquerade as mail from company system administrators and come with a mailbox change alert in the subject line. The PDF contains instructions on how to reset e-mail settings. In reality, the PDFs contain embedded malware and use the format’s /Launch function to execute that malware on Windows PCs running the newest versions of Adobe Systems Acrobat application or its free Adobe Reader, as well as other PDF viewers, like Foxit Reader.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.