The Security Tango is my name for the dance you have to do every time you want to assure yourself that your computer is free of viruses, spyware, keystroke loggers, backdoors, trojans, and other forms of malware (click the Definitions button in the menu to see what all those things mean). It's something you need to do regularly and often - daily is too often!

Without it, that machine will not receive any of the following fixes from Microsoft: More information can be found here: https://support.microsoft.com/en-us/help/4072699/january-3-2018-windows-security-updates-and-antivirus-software.
This table will be updated as information becomes available. government partners, DHS and FBI identified Internet Protocol (IP) addresses and other indicators of compromise (IOCs) associated with a Trojan malware variant used by the North Korean government—commonly known as Volgmer. For more information on HIDDEN COBRA activity, visit https://
Original release date: November 14, 2017 | Last revised: November 22, 2017

Network systems

This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). FBI has high confidence that HIDDEN COBRA actors are using the IP addresses—listed in this report’s IOC files—to maintain a presence on victims’ networks and to further network exploitation.
The Linux kernel mitigations for this vulnerability are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages.
NCCIC encourages users and administrators to refer to their hardware and software vendors for the most recent information.
Additionally, users and administrators who rely on cloud infrastructure should work with their CSP to mitigate and resolve any impacts resulting from host OS patching and mandatory rebooting.
The following table contains links to advisories and patches published in response to the vulnerabilities.

Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. DHS and FBI are distributing these IP addresses to enable network defense and reduce exposure to North Korean government malicious cyber activity. This alert includes IOCs related to HIDDEN COBRA, IP addresses linked to systems infected with Volgmer malware, malware descriptions, and associated signatures.

The simple act of getting on the Internet and downloading email or going to a Web page can expose your computer to malicious crackers who would love to take over your machine for their own use. Originally, the Security Tango was mostly for Windows-based computers. To dance the Security Tango, click the Let's Dance link up above. I'm sure that those of you running Linux or a Macintosh used to laugh yourselves sick at all the machinations that your Windows-using friends had to go through to keep themselves safe. As Linux and the Mac have become more popular, we've seen more viruses for them.

It is suspected that spear phishing is the primary delivery mechanism for Volgmer infections; however, HIDDEN COBRA actors use a suite of custom tools, some of which could also be used to initially compromise a system.