US CERT Current Activity
Drupal Releases Security Updates
Apr 18, 2018
Original release date: April 18, 2018 Drupal has released updates addressing a vulnerability in Drupal 8 and 7. A remote attacker could exploit this vulnerability to gain access to sensitive information.NCCIC encourages users and administrators to review the Drupal Security Advisory for additional information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Cisco Releases Security Updates for Multiple Products
Apr 18, 2018
Original release date: April 18, 2018 Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:Cisco WebEx Clients Remote Code Execution Vulnerability cisco-sa-20180418-wbsCisco UCS Director Virtual Machine Information Disclosure Vulnerability for End User Portal cisco-sa-20180418-uscdCisco StarOS Interface Forwarding Denial of Service Vulnerability cisco-sa-20180418-starosCisco IOS XR Software UDP Broadcast Forwarding Denial of Service Vulnerability cisco-sa-20180418-iosxrCisco Firepower Detection Engine Secure Sockets Layer Denial of Service Vulnerability cisco-sa-20180418-fpsnortCisco Firepower 2100 Series Security Appliances IP Fragmentation Denial of Service Vulnerability cisco-sa-20180418-fp2100Cisco ASA Software, FTD Software, and AnyConnect Secure Mobility Client SAML Authentication Session Fixation Vulnerability cisco-sa-20180418-asaanyconnectCisco Adaptive Security Appliance Application Layer Protocol Inspection Denial of Service Vulnerabilities cisco-sa-20180418-asa_inspectCisco Adaptive Security Appliance TLS Denial of Service Vulnerability cisco-sa-20180418-asa3Cisco Adaptive Security Appliance Flow Creation Denial of Service Vulnerability cisco-sa-20180418-asa2Cisco Adaptive Security Appliance Virtual Private Network SSL Client Certificate Bypass Vulnerability cisco-sa-20180418-asa1 This product is provided subject to this Notification and this Privacy & Use policy.
Google Releases Security Update for Chrome
Apr 18, 2018
Original release date: April 18, 2018 Google has released Chrome version 66.0.3359.117 for Windows, Mac, and Linux. This version addresses vulnerabilities that a remote attacker could exploit to take control of an affected system.NCCIC encourages users and administrators to review the Chrome Releases page and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy.
Oracle Releases April 2018 Security Bulletin
Apr 17, 2018
Original release date: April 17, 2018 Oracle has released its Critical Patch Update for April 2018 to address 254 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC encourages users and administrators to review the Oracle April 2018 Critical Patch Update and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Russian Malicious Cyber Activity
Apr 16, 2018
Original release date: April 16, 2018 The Department of Homeland Security (DHS), Federal Bureau of Investigation (FBI), and the United Kingdom’s (UK) National Cyber Security Centre (NCSC) released a joint Technical Alert (TA) about malicious cyber activity carried out by the Russian Government. The U.S. Government refers to malicious cyber activity by the Russian government as GRIZZLY STEPPE.NCCIC encourages users and administrators to review the GRIZZLY STEPPE - Russian Malicious Cyber Activity page, which links to TA18-106A - Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices, for more information. This product is provided subject to this Notification and this Privacy & Use policy.
VMware Releases Security Updates
Apr 13, 2018
Original release date: April 13, 2018 VMware has released security updates to address a vulnerability in vRealize Automation. An attacker could exploit this vulnerability to take control of an affected system.NCCIC encourages users and administrators to review the VMware Security Advisory VMSA-2018-0009 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Juniper Networks Releases Security Updates
Apr 12, 2018
Original release date: April 12, 2018 Juniper Networks has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC encourages users and administrators to review the following Juniper Security Advisories and apply necessary updates:Junos OS: Kernel crash upon receipt of crafted CLNP packets (CVE-2018-0016)SRX Series: Denial-of-service vulnerability in flowd daemon on devices configured with NAT-PT (CVE-2018-0017)SRX Series: Crafted packet may lead to information disclosure and firewall rule bypass during compilation of IDP policies (CVE-2018-0018)Junos: Denial-of-service vulnerability in SNMP MIB-II subagent daemon (mib2d) (CVE-2018-0019)Junos OS: rpd daemon cores due to malformed BGP UPDATE packet (CVE-2018-0020)Steel-Belted Radius Carrier: Eclipse Jetty information disclosure vulnerability (CVE-2015-2080)NorthStar: Return of Bleichenbacher’s Oracle Threat (ROBOT) RSA SSL attack (CVE-2017-1000385)OpenSSL: Multiple vulnerabilities resolved in OpenSSLJunos OS: Multiple vulnerabilities in stunnel 5.38NSM Appliance: Multiple vulnerabilities resolved in CentOS 6.5-based 2012.2R12 releaseJunos OS: Short MacSec keys may allow man-in-the-middle attacksJunos OS: Mbuf leak due to processing MPLS packets in VPLS networks (CVE-2018-0022)Junos Snapshot Administrator (JSNAPy) world writeable default configuration file permission (CVE-2018-0023) This product is provided subject to this Notification and this Privacy & Use policy.
Microsoft Releases April 2018 Security Updates
Apr 10, 2018
Original release date: April 10, 2018 Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC encourages users and administrators to review Microsoft's April 2018 Security Update Summary and Deployment Information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Adobe Releases Security Updates
Apr 10, 2018
Original release date: April 10, 2018 Adobe has released security updates to address vulnerabilities in Adobe PhoneGap Push Plugin, Adobe Digital Editions, Adobe InDesign, Adobe Experience Manager, and Adobe Flash Player. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Adobe Security Bulletins APSB18-15, APSB18-13, APSB18-11, APSB18-10, and APSB18-08, and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Ongoing Threat of Ransomware
Apr 9, 2018
Original release date: April 09, 2018 Ransomware, a type of malicious software that infects and restricts access to a computer until a ransom is paid, is an ongoing threat to business and individual networks and devices. Although the individual ransomware may vary (e.g., WannaCry, NotPetya, etc.), NCCIC's best practices and guidance remain the same, including creating system back-ups, being wary of opening emails and attachments from unknown or unverified senders, and ensuring that systems are updated with the latest patches.NCCIC encourages users and administrators to review its Ransomware page for specific guidance and general best practices. This product is provided subject to this Notification and this Privacy & Use policy.
Microsoft Releases Security Update
Apr 4, 2018
Original release date: April 04, 2018 Microsoft has released a security update to address a vulnerability in the Microsoft Malware Protection Engine. A remote attacker could exploit this vulnerability to take control of an affected system.NCCIC encourages users and administrators to review the Microsoft Security Advisory and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy.
FTC Releases Alert on Tax Identity Theft
Apr 3, 2018
Original release date: April 03, 2018 The Federal Trade Commission (FTC) and the Internal Revenue Service (IRS) are offering consumers a new way to report tax-related identity theft to the IRS online. Tax-related identity theft happens when someone steals your Social Security number to file a tax return and claims your refund. To report such a theft, go to IdentityTheft.gov.NCCIC encourages consumers to review the FTC Alert and the NCCIC Tip Preventing and Responding to Identity Theft. This product is provided subject to this Notification and this Privacy & Use policy.
NCCIC FY 2017 Year in Review Now Available
Apr 2, 2018
Original release date: April 02, 2018 The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) is pleased to present the Fiscal Year 2017 NCCIC Year in Review. This review highlights NCCIC’s critical role in protecting the Nation’s cyber and communications systems. Throughout the document, you will find informative data describing our organization, as well as our success stories.NCCIC continuously strives to improve its products and services. You can help by answering a very short series of questions about this product. This product is provided subject to this Notification and this Privacy & Use policy.
Easter Holiday Phishing Scams and Malware Campaigns
Mar 30, 2018
Original release date: March 30, 2018 As the Easter holiday approaches, NCCIC/US-CERT reminds users to be aware of potential holiday scams and cyber campaigns, which may includeemails and ecards from unknown senders that may contain malicious links,fake advertisements or shipping notifications with attachments infected with malware, andspoofed email messages and phony posts on social networking sites requesting support for fraudulent causes.NCCIC encourages users and administrators to be cautious of unsolicited messages and to review NCCIC Tips on Using Caution with Email Attachments and Avoiding Social Engineering and Phishing Attacks. This product is provided subject to this Notification and this Privacy & Use policy.
Tax Guidance as Deadline Approaches
Mar 30, 2018
Original release date: March 30, 2018 As this year's April 17 tax deadline approaches, NCCIC/US-CERT offers taxpayers guidance to help protect their personal, financial, and tax information. Hackers can take advantage of taxpayers by using social engineering scams to attempt to steal personally identifiable information. NCCIC encourages taxpayers to review the following resources and recommendations:Avoid tax scams. Look for the telltale signs of tax scams:emails that appear to come from your tax professional, requesting information for an IRS formemails containing links to a supposed IRS websitebogus questionnaires claiming to be from the IRS or law enforcement agenciescalls where scammers leave urgent callback requestsSafeguard personal data.Use strong passwords.Keep software updated.If you believe you have been a victim of an IRS-related phishing attempt, visit the IRS’s page at https://www.irs.gov/privacy-disclosure/report-phishing to report suspicious IRS-related communications. This product is provided subject to this Notification and this Privacy & Use policy.
Microsoft Release Patch for Windows 7 and Windows Server 2008 R2 Systems
Mar 29, 2018
Original release date: March 29, 2018 Microsoft has released security updates to address a vulnerability in Windows 7 x64 and Windows Server 2008 R2 x64 systems. Exploitation of this vulnerability may allow an attacker to take control of an affected system.NCCIC/US-CERT encourages users and administrators to review Vulnerability Note VU#277400 and Microsoft’s Advisory for more information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Apple Releases Multiple Security Updates
Mar 29, 2018
Original release date: March 29, 2018 Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC/US-CERT encourages users and administrators to review Apple security pages for the following products and apply the necessary updates:iOS 11.3tvOS 11.3watchOS 4.3Xcode 9.3 This product is provided subject to this Notification and this Privacy & Use policy.
Apache Software Foundation Releases Security Update
Mar 29, 2018
Original release date: March 29, 2018 The Apache Software Foundation has released a security update to address a vulnerability in Struts 2. A remote attacker could exploit this vulnerability to cause a denial-of-service condition.NCCIC/US-CERT encourages users and administrators to review the Apache Security Bulletin and make the necessary update. This product is provided subject to this Notification and this Privacy & Use policy.
IC3 Issues Alert on Tech Support Fraud
Mar 29, 2018
Original release date: March 29, 2018 The Internet Crime Complaint Center (IC3) has released an alert on tech support fraud. Tech support fraud involves criminals claiming to provide technical support to fix problems that don't exist. Their methods include placing calls, sending pop-ups, engaging misleading lock screens, and sending emails to entice users to accept fraudulent tech support services. Users should not give control of their computers or mobile devices to any stranger offering to fix problems.NCCIC/US-CERT encourages users and administrators to refer to the IC3 Alert and the NCCIC Tip on Avoiding Social Engineering and Phishing Attacks for more information. If you believe you are a victim of a tech support scam, file a complaint with the IC3 at www.ic3.gov. This product is provided subject to this Notification and this Privacy & Use policy.
Drupal Releases Critical Security Updates
Mar 28, 2018
Original release date: March 28, 2018 Drupal has released critical updates addressing a vulnerability in Drupal 8, 7, and 6. A remote attacker could exploit this vulnerability to take control of an affected system.NCCIC/US-CERT encourages users and administrators to review Drupal's Security Advisory and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
