US Vulnerability Database Yanked Over Malware Infestation

Posted by timothy on Thursday March 14, 2013 @12:46AM from the hate-it-when-that-happens dept.

hypnosec writes "The US government's National Vulnerability Database (NVD) maintained by National Institute of Standards and Technology (NIST) has been offline for a few days because of malware infestation. The public-facing site has been taken offline because traces of malware were found on two of the web servers that house it. A post on Google+ containing an email from Gail Porter details the discovery of suspicious activity and subsequent steps taken by NIST. As of this writing the NVD website is still serving a page not found message."

2 of 52 comments (clear)

Min score:

Reason:

Sort:

Re:Baseline and STIG hosting by bcong · 2013-03-14 01:00 · Score: 4, Informative

Sorry, but no. The DISA STIGs are hosted here: http://iase.disa.mil/stigs/index.html
Re:Baseline and STIG hosting by chill · 2013-03-14 01:10 · Score: 3, Informative

Yes, sorry, I phrased that wrong.
NVD's search will reference the STIGs and then link to the .mil location. For us civilian types the NVD site is the gateway.

--
Learning HOW to think is more important than learning WHAT to think.