US CERT Current Activity

Subscribe to US CERT Current Activity feed
A regularly updated summary of the most frequent, high-impact security incidents currently being reported to the US-CERT.

Apple Releases Security Updates

Jan 23, 2017

Original release date: January 23, 2017 Apple has released security updates to address multiple vulnerabilities in several products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.Users and administrators are encouraged to review the Apple security pages for the following products and apply the necessary updates:iTunes,Safari,iCloud for Windows,macOS Sierra,iOS,tvOS,watchOS,GarageBand, andLogic Pro X. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

IC3 Warns of Employment Scams Targeting College Students

Jan 19, 2017

Original release date: January 19, 2017 The Internet Crime Complaint Center (IC3) has issued an alert on employment scams targeting college students. Phony job opportunities are advertised via college employment websites or students’ university emails. Unfortunately, students who take the bait suffer financial losses.US-CERT encourages users and administrators to review the IC3 Alert for information on avoiding these scams. US-CERT Tip ST04-014 is another useful reference on social engineering and phishing attacks. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Oracle Releases Security Bulletin

Jan 18, 2017

Original release date: January 18, 2017 Oracle has released its Critical Patch Update for January 2017 to address 270 vulnerabilities across multiple products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.Users and administrators are encouraged to review the Oracle January 2017 Critical Patch Update and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

SMB Security Best Practices

Jan 16, 2017

Original release date: January 16, 2017 | Last revised: January 17, 2017 In response to public reporting of a potential Server Message Block (SMB) vulnerability, US-CERT is providing known best practices related to SMB. This service is universally available for Windows systems, and legacy versions of SMB protocols could allow a remote attacker to obtain sensitive information from affected systems.US-CERT recommends that users and administrators consider:disabling SMB v1 andblocking all versions of SMB at the network boundary by blocking TCP port 445 with related protocols on UDP ports 137-138 and TCP port 139, for all boundary devices.US-CERT cautions users and administrators of potential issues that could be created by disabling SMB v1. For more information on SMB, review Microsoft Security Advisories 2696547 and 204279. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

ISC Releases Security Updates for BIND

Jan 11, 2017

Original release date: January 11, 2017 The Internet Systems Consortium (ISC) has released updates that address multiple vulnerabilities in BIND. A remote attacker could exploit any of these vulnerabilities to cause a denial-of-service condition.Available updates include:BIND 9 version 9.9.9-P5BIND 9 version 9.10.4-P5BIND 9 version 9.11.2-P2BIND 9 version 9.9.9-S7Users and administrators are encouraged to review ISC Knowledge Base Articles AA-01439, AA-01440, AA-01441, and AA-01442 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Adobe Releases Security Updates

Jan 10, 2017

Original release date: January 10, 2017 Adobe has released security updates to address vulnerabilities in Adobe Acrobat, Reader, and Flash Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.US-CERT encourages users and administrators to review Adobe Security Bulletins APSB17-01 and APSB17-02 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Microsoft Releases January 2017 Security Bulletin

Jan 10, 2017

Original release date: January 10, 2017 Microsoft has released four updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system.Users and administrators are encouraged to review Microsoft Security Bulletins MS17-001 through MS17-004 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Pages

Related Content

Best Practices

10 Best Pactices

Our 10 Best Pactices

Contact Us

Contact Information Security at 756-7000

Contacts

Did you know?

Stay Safe Online Tips