US CERT Current Activity
National Consumer Protection Week
Feb 28, 2020
Original release date: February 28, 2020National Consumer Protection Week (NCPW) is March 1–7. This annual event encourages individuals and businesses to learn about their consumer rights and how to keep themselves secure. The Federal Trade Commission (FTC) and its NCPW partners provide free resources to protect consumers from fraud, scams, and identity theft. The Cybersecurity and Infrastructure Security Agency (CISA) encourages consumers to review FTC’s NCPW resource page and review the following CISA tips: Protecting Your Privacy Avoiding Social Engineering and Phishing Attacks Preventing and Responding to Identity Theft This product is provided subject to this Notification and this Privacy & Use policy.
Cisco Releases Security Updates
Feb 27, 2020
Original release date: February 27, 2020Cisco has released security updates to address vulnerabilities affecting FXOS, NX-OS, and Unified Computing System (UCS) software. A remote attacker could exploit some of these vulnerabilities to cause a denial-of-service condition. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco advisories, as well as the Cisco Event Response page, and apply the necessary updates: UCS Manager Software Local Management CLI Command Injection Vulnerability cisco-sa-20200226-ucs-cli-cmdinj Nexus 1000V Switch for VMware vSphere Secure Login Enhancements Denial of Service Vulnerability cisco-sa-20200226-nexus-1000v-dos MDS 9000 Series Multilayer Switches Denial of Service Vulnerability cisco-sa-20200226-mds-ovrld-dos FXOS and UCS Manager Software CLI Command Injection Vulnerability cisco-sa-20200226-fxos-ucs-cmdinj FXOS and UCS Manager Software Local Management CLI Command Injection Vulnerability cisco-sa-20200226-fxos-ucs-cli-cmdinj XOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability cisco-sa-20200226-fxos-nxos-cdp This product is provided subject to this Notification and this Privacy & Use policy.
New CWE List of Common Security Weaknesses
Feb 26, 2020
Original release date: February 26, 2020MITRE has released version 4.0 of the community-developed Common Weakness Enumeration (CWE) list. Previous CWE list versions describe common software security weaknesses. With version 4.0, the CWE list expands to include hardware security weaknesses. Additionally, version 4.0 simplifies the presentation of weaknesses into various views and adds a search function to enable easier navigation of the information. The Cybersecurity and Infrastructure Security Agency (CISA) sponsors MITRE’s CWE program, which is a community-based initiative. CISA welcomes new partners to the CWE program. Visit https://cwe.mitre.org to learn how to get involved. This product is provided subject to this Notification and this Privacy & Use policy.
OpenSMTPD Releases Version 6.6.4p1 to Address a Critical Vulnerability
Feb 25, 2020
Original release date: February 25, 2020OpenSMTPD has released version 6.6.4p1 to address a critical vulnerability. A remote attacker could exploit this vulnerability to take control of an affected server. OpenSMTPD is an open-source server-side implementation of the Simple Mail Transfer Protocol (SMTP) that is part of the OpenBSD Project. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to apply the necessary update. For OpenBSD implementations, binary patches are available through syspatch; see OpenSMTPD’s Message 04888 for further instruction. For other systems, the update is available at OpenSMTPD’s GitHub release page. This product is provided subject to this Notification and this Privacy & Use policy.
Google Releases Security Updates for Chrome
Feb 25, 2020
Original release date: February 25, 2020Google has released Chrome version 80.0.3987.122 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Google Releases Security Updates for Chrome
Feb 21, 2020
Original release date: February 21, 2020Google has released Chrome version 80.0.3987.116 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. Note: although Google published an entry on these updates on Tuesday, February 18, the associated Common Vulnerabilities and Exposures numbers and descriptions appeared on the entry today, Friday, February 21. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Cisco Releases Security Updates
Feb 20, 2020
Original release date: February 20, 2020Cisco has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco advisories and apply the necessary updates: Smart Software Manager On-Prem Static Credential Vulnerability cisco-sa-on-prem-static-cred-sL8rDs8 Unified Contact Center Express Privilege Escalation Vulnerability cisco-sa-uccx-privesc-Zd7bvwyf Multiple Cisco UCS-Based Products UEFI Secure Boot Bypass Vulnerability cisco-sa-20200219-ucs-boot-bypass Email Security Appliance and Content Security Management Appliance Denial-of-Service Vulnerability cisco-sa-20200219-esa-sma-dos Email Security Appliance Denial-of-Service Vulnerability cisco-sa-20200219-esa-dos Data Center Network Manager Privilege Escalation Vulnerability cisco-sa-20200219-dcnm-priv-esc Data Center Network Manager Cross-Site Request Forgery Vulnerability cisco-sa-20200219-dcnm-csrf This product is provided subject to this Notification and this Privacy & Use policy.
Adobe Releases Security Updates for After Effects and Media Encoder
Feb 20, 2020
Original release date: February 20, 2020Adobe has released security updates to address vulnerabilities in After Effects and Media Encoder. An attacker could exploit these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Adobe Security Bulletins APSB20-09 and APSB20-10 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
VMware Releases Security Updates for vRealize Operations for Horizon Adapter
Feb 19, 2020
Original release date: February 19, 2020VMware has released security updates to address multiple vulnerabilities in vRealize Operations for Horizon Adapter. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisory VMSA-2020-0003 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Be Cautious of Romance Scams
Feb 14, 2020
Original release date: February 14, 2020This Valentine’s Day, the Cybersecurity and Infrastructure Security Agency (CISA) reminds users to be wary of internet romance scams. Cyber criminals partaking in this type of fraud target victims, gain their confidence, and convince them to transfer funds. When online dating, use caution and never send gifts or money to someone you have not met in person. CISA encourages online daters to review the Federal Trade Commission’s alert It’s not true love if they ask for money and watch the FTC video Online Romance Imposter Scams. For more information review CISA’s Tip on Staying Safe on Social Networking Sites. If you believe you have been a victim of a romance scam, file a report with: The online dating site, The Federal Trade Commission, and The Federal Bureau of Investigation's Internet Crime Complaint Center. This product is provided subject to this Notification and this Privacy & Use policy.
North Korean Malicious Cyber Activity
Feb 14, 2020
Original release date: February 14, 2020The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD) have identified the following malware variants used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. HOPLIGHT (update) BISTROMATH SLICKSHOES HOTCROISSANT ARTFULPIE BUFFETLINE CROWDEDFLOUNDER CISA encourages users and administrators to review the Malware Analysis Reports for each malware variant listed above and the North Korean Malicious Cyber Activity page for more information. This product is provided subject to this Notification and this Privacy & Use policy.
New SchoolSafety.gov Provides Cyber Guidance for K-12 Schools
Feb 12, 2020
Original release date: February 12, 2020The Federal School Safety Clearinghouse just launched its website: SchoolSafety.gov. This website—a collaboration between the Department of Homeland Security and the U.S. Departments of Education, Justice, and Health and Human Services—features a fact sheet on Cyber Safety Considerations for K-12 Schools and School Districts. The factsheet provides guidance to educators, administrators, parents, and law enforcement officials on various online threats to students, including cyberbullying, ransomware, and online predation. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users to read Cyber Safety Considerations for K-12 Schools and School Districts and to visit SchoolSafety.gov to learn more about all the resources available. Refer to CISA’s Tips on Keeping Children Safe Online and Dealing with Cyberbullies for additional best practices. This product is provided subject to this Notification and this Privacy & Use policy.
FBI Releases IC3 2019 Internet Crime Report
Feb 12, 2020
Original release date: February 12, 2020The Federal Bureau of Investigation (FBI) Internet Crime Complaint Center (IC3) has released the 2019 Internet Crime Report, which includes statistics based on data reported by the public through the IC3 website. The top three crimes types reported by victims in 2019 were phishing/vishing/smishing/pharming, non-payment/non-delivery, and extortion. FBI urges users to continue reporting complaints at www.ic3.gov to help law enforcement better combat cybercrime. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users to review the FBI press release and CISA’s Tip on Avoiding Social Engineering and Phishing Attacks for more information. This product is provided subject to this Notification and this Privacy & Use policy.
Microsoft Releases February 2020 Security Updates
Feb 11, 2020
Original release date: February 11, 2020Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s February 2020 Security Update Summary and Deployment Information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Intel Releases Security Updates
Feb 11, 2020
Original release date: February 11, 2020Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to gain escalation of privileges. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Intel advisories and apply the necessary updates: RWC3 Advisory INTEL-SA-00341 MPSS Advisory INTEL-SA-00340 RWC2 Advisory INTEL-SA-00339 SGX SDK Advisory INTEL-SA-00336 CSME Advisory INTEL-SA-00307 Renesas Electronics USB 3.0 Driver Advisory INTEL-SA-00273 This product is provided subject to this Notification and this Privacy & Use policy.
Adobe Releases Security Updates for Multiple Products
Feb 11, 2020
Original release date: February 11, 2020Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates: Framemaker APSB20-04 Acrobat and Reader APSB20-05 Flash Player APSB20-06 Digital Editions APSB20-07 Experience Manager APSB20-08 This product is provided subject to this Notification and this Privacy & Use policy.
Mozilla Releases Security Updates for Multiple Products
Feb 11, 2020
Original release date: February 11, 2020Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Mozilla Security Advisories and apply the necessary updates: Firefox 73 Firefox ESR 68.5 Thunderbird 68.5 This product is provided subject to this Notification and this Privacy & Use policy.
Safer Internet Day
Feb 10, 2020
Original release date: February 10, 2020February 11, 2020, is Safer Internet Day, a worldwide event aimed at promoting the safe and positive use of digital technology for all users, especially children and teens. This year's theme—Together for a better internet—encourages everyone to play their part in creating a safer, more secure internet. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users to view the Safer Internet Day website and the following tips: Keeping Children Safe Online Dealing with Cyberbullies Rethink Cyber Safety Rules and the “Tech Talk” with Your Teens This product is provided subject to this Notification and this Privacy & Use policy.
ACSC Releases Advisory on Mailto Ransomware Incidents
Feb 6, 2020
Original release date: February 6, 2020The Australian Cyber Security Centre (ACSC) has released an advisory on Mailto ransomware incidents. The ACSC has limited information regarding the initial intrusion vector for Mailto, also known as Kazakavkovkiz, but evidence suggests that Mailto actors may have used phishing and password spray attacks to comprise user accounts. The ACSC provides recommendations for users to detect and mitigate these types of attacks and assist with limiting their spread within networks. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the ACSC advisory on Mailto ransomware incidents and CISA’s Tip on Protecting Against Ransomware for more information. This product is provided subject to this Notification and this Privacy & Use policy.
Cisco Releases Security Updates for Multiple Products
Feb 6, 2020
Original release date: February 6, 2020Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories webpage. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco advisories, as well Vulnerability Note #261385 from the CERT Coordination Center (CERT/CC), and apply the necessary updates: IP Phone Remote Code Execution and Denial-of-Service Vulnerability cisco-sa-20200205-voip-phones-rce-dos NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability cisco-sa-20200205-nxos-cdp-rce Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Remote Code Execution and Denial-of-Service Vulnerability cisco-sa-20200205-ipcameras-rce-dos IOS XR Software Cisco Discovery Protocol Format String Vulnerability cisco-sa-20200205-iosxr-cdp-rce FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial-of-Service Vulnerability cisco-sa-20200205-fxnxos-iosxr-cdp-dos This product is provided subject to this Notification and this Privacy & Use policy.
