CERT Summary CS-2001-03 August 28, 2001

Each quarter, the CERT Coordination Center (CERT/CC) issues the CERT Summary to draw attention to the types of attacks reported to our incident response team, as well as other noteworthy incident and vulnerability information. The summary includes pointers to sources of information for dealing with the problems. Past CERT summaries are available from:

CERT Summaries http://www.cert.org/summaries/

[...]

6. Continuing Threats to Home Users

The CERT/CC has observed a significant increase in activity resulting in compromises of home user machines. Many home users do not keep their machines up to date with security patches and workarounds, do not run current anti-virus software, and do not exercise caution when handling email attachments. Intruders know this, and we have seen a marked increase in intruders specifically targeting home users who have cable modem and DSL connections. The CERT/CC strongly encourages home users to review the documents referenced below. These documents illustrate the threats to home users and outline countermeasures that can be used to mitigate them.

CERT Advisory CA-2001-20: Continuing Threats to Home Users http://www.cert.org/advisories/CA-2001-20.html

CERT Tech Tip: Home Network Security http://www.cert.org/tech_tips/home_networks.html

7. W32/Leaves

The CERT/CC has received a number of reports regarding the compromise of home user machines running Microsoft Windows. Most of these reports involve the intruder tool SubSeven. SubSeven is often used as a Trojan horse, which allows an intruder to deliver and execute any custom payload and run arbitrary commands on the affected machine.

CERT Incident Note IN-2001-07: W32/Leaves: Exploitation of previously installed SubSeven Trojan Horses http://www.cert.org/incident_notes/IN-2001-07.html