Hackers take down US gov't. cyber-security database.

A federal government database that stores malicious viruses and cyber-attacks has been taken offline following the detection of a hacker attack on its servers. The database is meant to provide an early warning of Internet infiltration by new viruses.
Viewed as the Bible of virus and malware information, the National Vulnerability Database's (NVD) website of the National Institute of Standards and Technology (NIST) was taken down on March 8 following the discovery of malware on two of its servers.
Finnish security researcher Kim Halavakosk asked the NIST, via email, for an explanation as to why the database has gone offline.
An NIST firewall "detected suspicious activity and took steps to block unusual traffic from reaching the Internet," said spokeswoman Gail Porter. "NIST began investigating the cause of the unusual activity and the servers were taken offline."
The National Vulnerability Database is a comprehensive repository of information that allows computers to conduct automated searches for the latest known vulnerabilities in hardware or software computing products, Porter said.A The goal of the NVD is to help organizations and individuals better protect their computers against security threats.
Many government agencies and private businesses use the database, she said.
The malware that caused the shutdown took advantage of vulnerabilities in Adobe ColdFusion to infiltrate the NDV, the Register reports. Both servers were compromised for at least two months before a firewall detected them. A patch is now available from Adobe to fix the issue.
Porter elaborated on the investigation, saying, “currently there is no evidence that NVD or any other NIST public pages contained or were used to deliver malware to users of these NIST Web sites,” assuring Halavakosk that the servers would be back online as soon as possible, though she gave no specific timeframe.
https://www.networkworld.com/news/2013/031413-us-nists-vulnerability-database-267714.html
http://rt.com/usa/us-federal-malware-database-hacked-291/