US CERT Current Activity

A regularly updated summary of the most frequent, high-impact security incidents currently being reported to the US-CERT.

Oracle Releases July 2018 Security Bulletin

Jul 17, 2018

Original release date: July 17, 2018

Oracle has released its Critical Patch Update for July 2018 to address 334 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review the Oracle July 2018 Critical Patch Update and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

FTC Issues Alert on Tech Support Scams

Jul 16, 2018

Original release date: July 16, 2018

The Federal Trade Commission has released an alert on tech support scams. Scammers use pop-up messages, websites, emails, and phone calls to entice users to pay for fraudulent tech support services to repair problems that don’t exist. Users should not pay or give control of their devices to any stranger offering to fix problems.

NCCIC encourages users and administrators to refer to the FTC Alert and the NCCIC Tip on Avoiding Social Engineering and Phishing Attacks for more information. If you believe you are a victim of a tech support scam, file a complaint at www.FTC.gov/complaint.

IC3 Warns of Business Email Compromise Scams

Jul 13, 2018

Original release date: July 13, 2018

The Internet Crime Complaint Center (IC3) has released an alert on business email compromise scams. This type of scam targets businesses and individuals by using social engineering or computer intrusion to compromise legitimate email accounts and conduct unauthorized fund transfers or obtain personally identifiable information.

NCCIC encourages businesses and individuals to refer to the IC3 Alert and the NCCIC Tip on Avoiding Social Engineering and Phishing Attacks.

Juniper Networks Releases Security Updates

Jul 12, 2018

Original release date: July 12, 2018

Juniper Networks has released security updates to address vulnerabilities affecting multiple Junos OS versions. An attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review the Juniper Security Advisories website and apply the necessary updates.

ISC Releases Security Advisory for Kea DHCP

Jul 12, 2018

Original release date: July 12, 2018

The Internet Systems Consortium (ISC) has released a security advisory that addresses a memory leak vulnerability in Kea DHCP 1.4.0. A remote attacker could exploit this vulnerability to cause a denial-of-service condition.

NCCIC encourages users and administrators to review ISC Knowledge Base Article AA-01626 and apply the necessary update or workaround.

Cisco Releases Security Updates

Jul 11, 2018

Original release date: July 11, 2018

Cisco has released updates to address vulnerabilities affecting Cisco products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:

- IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Web UI Command Injection Vulnerability cisco-sa-20180711-phone-webui-inject
- StarOS IPv4 Fragmentation Denial-of-Service Vulnerability cisco-sa-20180711-staros-dos

Microsoft Releases July 2018 Security Updates

Jul 10, 2018

Original release date: July 10, 2018

Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review Microsoft’s July 2018 Security Update Summary and Deployment Information and apply the necessary updates.

Adobe Releases Security Updates

Jul 10, 2018

Original release date: July 10, 2018

Adobe has released security updates to address vulnerabilities in Adobe Acrobat and Reader, Adobe Flash Player, Adobe Connect, and Adobe Experience Manager. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review Adobe Security Bulletins APSB18-21, APSB18-24, APSB18-22, and APSB18-23 and apply the necessary updates.

Apple Releases Multiple Security Updates

Jul 9, 2018

Original release date: July 09, 2018

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review Apple security pages for the following products and apply the necessary updates:

- iTunes 12.8 for Windows
- iCloud for Windows 7.6
- Safari 11.1.2
- macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan
- watchOS 4.3.2
- tvOS 11.4.1
- iOS 11.4.1

CIS Releases 2017 Year in Review

Jul 6, 2018

Original release date: July 06, 2018

The Center for Internet Security (CIS) has released its 2017 Year in Review. CIS is home to the Multi-State Information Sharing and Analysis Center (MS-ISAC), an NCCIC partner focused on cyber threat prevention, protection, response, and recovery for U.S. state, local, tribal, and territorial government entities. The review highlights CIS's role in improving cyber defense and MS-ISAC's advances in membership, monitoring, cyber education, and information sharing with partners.

Apple Releases Security Update for Boot Camp

Jul 6, 2018

Original release date: July 06, 2018

Apple has released a security update to address vulnerabilities in Wi-Fi for Boot Camp 6.4.0. An attacker could exploit these vulnerabilities to obtain access to sensitive information.

NCCIC encourages users and administrators to review Apple’s security page for Wi-Fi Update for Boot Camp 6.4.0 and apply the necessary update.

Mozilla Releases Security Update for Thunderbird

Jul 3, 2018

Original release date: July 03, 2018

Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 52.9 and apply the necessary update.

VMware Releases Security Updates

Jun 30, 2018

Original release date: June 30, 2018

VMware has released security updates to address vulnerabilities in VMware ESXi, Workstation, and Fusion. An attacker could exploit these vulnerabilities to obtain sensitive information.

NCCIC encourages users and administrators to review the VMware Security Advisory VMSA-2018-0016 and apply the necessary updates.

Mozilla Releases Security Updates for Firefox

Jun 26, 2018

Original release date: June 26, 2018

Mozilla has released security updates to address multiple vulnerabilities in Firefox ESR and Firefox. A remote attacker could exploit some of these vulnerabilities to cause a denial-of-service condition.

NCCIC encourages users and administrators to review the Mozilla Security Advisories for Firefox ESR 52.9, Firefox ESR 60.1, and Firefox 61 and apply the necessary updates.

Global Threats to Information Systems

Jun 21, 2018

Original release date: June 21, 2018

The advanced capabilities of organized hacker groups and cyber threat actors are an increasing global threat to information systems. Rising threat levels place more demands on cybersecurity personnel and network administrators to protect information systems. Protecting network infrastructure is critical to preserving the confidentiality, integrity, and availability of communication and services across an enterprise.

Cyber campaigns—such as NotPetya—are examples of increasingly advanced threat actor activity. NotPetya coincided with a national holiday of the targeted nation. NCCIC recommends organizations remain vigilant and aware of potential malicious cyber activity ahead of upcoming national holidays, including Ukraine’s Constitution Day on June 28, 2018.

NCCIC encourages users and administrators to review Securing Network Infrastructure Devices and the United Kingdom’s National Cyber Security Centre (NCSC) guidance on Internet Edge Device Security and implement the following recommendations:

- Segregate networks and functions.
- Limit unnecessary lateral communications.
- Harden network devices.
- Secure access to infrastructure devices.
- Perform out-of-band network management.
- Validate hardware and software integrity.

Cisco Releases Security Updates for Multiple Products

Jun 20, 2018

Original release date: June 20, 2018

Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:

- Cisco NX-OS Software NX-API Arbitrary Code Execution Vulnerability cisco-sa-20180620-nxos-bo
- Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability cisco-sa-20180620-fxnxos-fab-ace
- Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability cisco-sa-20180620-fxnxos-ace
- Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability cisco-sa-20180620-fx-os-fabric-execution
- Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability cisco-sa-20180620-fx-os-cli-execution
- Cisco NX-OS Software CLI Arbitrary Command Injection Vulnerability cisco-sa-20180620-nx-os-cli-injection
- Cisco NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability cisco-sa-20180620-nxossnmp
- Cisco NX-OS Software Role-Based Access Control Elevated Privileges Vulnerability cisco-sa-20180620-nxosrbac
- Cisco NX-OS Software Internet Group Management Protocol Snooping Remote Code Execution and Denial of Service Vulnerability cisco-sa-20180620-nxosigmp
- Cisco NX-OS Software Border Gateway Protocol Denial of Service Vulnerability cisco-sa-20180620-nxosbgp
- Cisco FXOS and NX-OS Software Unauthorized Administrator Account Vulnerability cisco-sa-20180620-nxosadmin
- Cisco NX-OS Software NX-API Privilege Escalation Vulnerability cisco-sa-20180620-nxos-nxapi
- Cisco FXOS, NX-OS, and UCS Manager Software Cisco Discovery Protocol Denial of Service Vulnerability cisco-sa-20180620-nxos-cdp
- Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability cisco-sa-20180620-nx-os-fabric-dos
- Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability cisco-sa-20180620-nx-os-fabric-services-dos
- Cisco NX-OS Software CLI Arbitrary Command Execution Vulnerability cisco-sa-20180620-nx-os-cli-execution
- Cisco NX-OS Software NX-API Arbitrary Command Execution Vulnerability cisco-sa-20180620-nx-os-api-execution
- Cisco Nexus 4000 Series Switch Simple Network Management Protocol Polling Denial of Service Vulnerability cisco-sa-20180620-n4k-snmp-dos
- Cisco Nexus 3000 and 9000 Series CLI and Simple Network Management Protocol Polling Denial of Service Vulnerability cisco-sa-20180620-n3k-n9k-clisnmp
- Cisco FXOS Software and UCS Fabric Interconnect Web UI Denial of Service Vulnerability cisco-sa-20180620-fxos-dos
- Cisco FXOS Software and UCS Fabric Interconnect Arbitrary Code Execution Vulnerability cisco-sa-20180620-fxos-ace
- Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution Vulnerability cisco-sa-20180620-fxnxos-dos
- Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability cisco-sa-20180620-fx-os-fabric-dos
- Cisco Firepower 4100 Series Next-Generation Firewall and Firepower 9300 Security Appliance Path Traversal Vulnerability cisco-sa-20180620-firepwr-pt

FTC, Partners Help Small Businesses Stop Scams

Jun 18, 2018

Original release date: June 18, 2018

The Federal Trade Commission (FTC) has launched Operation Main Street, an effort with the Better Business Bureau (BBB) and law enforcement to educate small business owners on how to stop scams targeting their businesses. Accordingly, FTC released Scams and Your Small Business, a guide for businesses detailing how to avoid, identify, and report scams.

NCCIC encourages business owners and other consumers to review the FTC article and NCCIC's Resources for Small and Midsize Businesses.

North Korean Malicious Cyber Activity

Jun 14, 2018

Original release date: June 14, 2018

The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have identified Trojan malware variants—referred to as TYPEFRAME—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.

US-CERT encourages users and administrators to review Malware Analysis Report (MAR) 10135536-12 and the US-CERT page on HIDDEN COBRA - North Korean Malicious Cyber Activity for more information.

ISC Releases Security Advisory for BIND

Jun 13, 2018

Original release date: June 13, 2018

The Internet Systems Consortium (ISC) has released a security advisory that addresses a vulnerability affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit this vulnerability to obtain sensitive information.

NCCIC encourages users and administrators to review the ISC Knowledge Base Article AA-01616 and apply the necessary workarounds.

Intel Releases Security Advisory on Lazy FP State Restore Vulnerability

Jun 13, 2018

Original release date: June 13, 2018

Intel has released recommendations to address a vulnerability—dubbed Lazy FP state restore—affecting Intel Core-based microprocessors. An attacker could exploit this vulnerability to obtain access to sensitive information.

NCCIC encourages users and administrators to review Intel's Security Advisory INTEL-SA-00145, apply the necessary mitigations, and refer to software vendors for appropriate patches, when available.
