US CERT Current Activity
FBI Releases Article on Defending Against E-Skimming
Oct 23, 2019
Original release date: October 23, 2019The Federal Bureau of Investigation (FBI) has released an article to raise awareness on e-skimming threats. E-skimming occurs when an attacker injects malicious code onto a website to capture credit or debit card data or personally identifiable information (PII). The Cybersecurity and Infrastructure Security Agency (CISA) encourages businesses and agencies that take online payments to review the FBI article and consider the following tips to help protect against e-skimming: Keep software updated. Change default credentials and create strong, unique passwords on all systems. Implement multi-factor authentication. Do not click on links, and be wary of email attachments in messages. Segment and segregate networks and functions. Users can report suspected attacks to their local FBI office or to the FBI's Internet Crime Complaint Center at www.ic3.gov. This product is provided subject to this Notification and this Privacy & Use policy.
Beware of Stalking Apps
Oct 23, 2019
Original release date: October 23, 2019The Federal Trade Commission (FTC) has released an article warning consumers of “stalking apps”—spyware that secretly monitors smartphones. These apps can share information like call history, text messages, photos, GPS locations, and browser history without the user's knowledge. Although this can be a useful tool, stalking apps can also be used maliciously. Smartphone users who suspect an illegitimate stalking app on their device should consider the following steps: Use a rootchecker app to see if the phone is “jailbroken” or modified to allow unrestricted access to the entire file system. Get a new device or remove the stalking app by factory resetting the smartphone and reinstalling the manufacturer’s operating system. Get help. Law enforcement can determine if spyware is on your phone. The Cybersecurity and Infrastructure Security Agency (CISA) encourages individuals to review FTC’s article and CISA’s Tip on Privacy and Mobile Device Apps for more information. This product is provided subject to this Notification and this Privacy & Use policy.
Google Releases Security Updates for Chrome
Oct 23, 2019
Original release date: October 23, 2019Google has released Chrome version 78.0.3904.70 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Mozilla Releases Security Updates for Firefox and Firefox ESR
Oct 23, 2019
Original release date: October 23, 2019Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisories for Firefox 70 and Firefox ESR 68.2. This product is provided subject to this Notification and this Privacy & Use policy.
Juniper Networks Releases Junos OS Security Advisory
Oct 23, 2019
Original release date: October 23, 2019Juniper Networks has released a security update to address a vulnerability in Junos OS. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Juniper Security Advisory and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
FTC Promotes International Charity Fraud Awareness Week
Oct 22, 2019
Original release date: October 22, 2019The Federal Trade Commission (FTC) has released an article promoting International Charity Fraud Awareness Week (ICFAW), which runs October 21–25. FTC, the National Association of State Charities Officials, and state and international partners coordinated this campaign to help both charities and donors avoid charity fraud. The Cybersecurity and Infrastructure Security Agency (CISA) encourages charities and donors to review FTC’s article and the following resources for more information: How to Donate Wisely and Avoid Charity Scams Tip Avoiding Social Engineering and Phishing Attacks Tip ICFAW resources and tips on FTC’s Twitter and Facebook accounts This product is provided subject to this Notification and this Privacy & Use policy.
NSA and NCSC Release Joint Advisory on Turla Group Activity
Oct 21, 2019
Original release date: October 21, 2019The National Security Agency (NSA) and the United Kingdom National Cyber Security Centre (NCSC) have released a joint advisory on advanced persistent threat (APT) group Turla—widely reported to be Russian. The advisory provides an update to NCSC’s January 2018 report on Turla’s use of the malicious Neuron, Nautilus, and Snake tools to steal sensitive data. Additionally, the advisory states that Turla has compromised—and is currently leveraging—an Iranian APT group’s infrastructure and resources, which include the Neuron and Nautilus tools. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following resources for more information: • NSA Advisory Turla Group Exploits Iranian APT To Expand Coverage Of Victims • UK NCSC Advisory Turla group exploits Iranian APT to expand coverage of victims • January 2018 UK NCSC Report Turla Group Malware This product is provided subject to this Notification and this Privacy & Use policy.
ISC Releases Security Advisories for BIND
Oct 17, 2019
Original release date: October 17, 2019The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit one of these vulnerabilities to obtain sensitive information. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the ISC advisories for CVE-2019-6475 and CVE-2019-6476 for more information and to apply the necessary updates and workarounds. This product is provided subject to this Notification and this Privacy & Use policy.
Cisco Releases Security Updates
Oct 17, 2019
Original release date: October 17, 2019Cisco has released security updates to address vulnerabilities in Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities see the Cisco Security Advisories page. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco Advisories and apply the necessary updates: Aironet Access Points Unauthorized Access Vulnerability cisco-sa-20191016-airo-unauth-access Wireless LAN Controller Secure Shell Denial of Service Vulnerability cisco-sa-20191016-wlc-ssh-dos SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities cisco-sa-20191016-spa-rce Small Business Smart and Managed Switches Cross-Site Request Forgery Vulnerability cisco-sa-20191016-sbss-csrf Aironet Access Points Point-to-Point Tunneling Protocol Denial of Service Vulnerability cisco-sa-20191016-airo-pptp-dos Aironet Access Points and Catalyst 9100 Access Points CAPWAP Denial of Service Vulnerability cisco-sa-20191016-airo-capwap-dos This product is provided subject to this Notification and this Privacy & Use policy.
Multiple Vulnerabilities in Pulse Secure VPN
Oct 16, 2019
Original release date: October 16, 2019The CERT Coordination Center (CERT/CC) has released information on multiple vulnerabilities affecting Pulse Secure Virtual Private Network (VPN). An attacker could exploit these vulnerabilities to take control of an affected system. These vulnerabilities have been targeted by advanced persistent threat (APT) actors. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following resources for more information and to apply the necessary updates: CERT/CC Vulnerability Note VU#927237 Multiple Vulnerabilities in Pulse Secure VPN Pulse Secure Security Advisory SA44101 Out-of-Cycle Advisory: Multiple vulnerabilities resolved in Pulse Connect Secure / Pulse Policy Secure 9.0RX National Security Agency (NSA) Cybersecurity Advisory Mitigating Recent VPN Vulnerabilities CISA Current Activity Vulnerabilities in Multiple VPN Applications This product is provided subject to this Notification and this Privacy & Use policy.
VMware Releases Security Update for Harbor Container Registry for PCF
Oct 16, 2019
Original release date: October 16, 2019 VMware has released a security update to address a vulnerability affecting Harbor Container Registry for Pivotal Cloud Foundry (PCF). An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisory VMSA-2019-0016 and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy.
Oracle Releases October 2019 Security Bulletin
Oct 15, 2019
Original release date: October 15, 2019Oracle has released its Critical Patch Update for October 2019 to address 219 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Oracle October 2019 Critical Patch Update and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Adobe Releases Security Updates for Multiple Products
Oct 15, 2019
Original release date: October 15, 2019Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates: Experience Manager APSB19-48 Acrobat and Reader APSB19-49 Experience Manager Forms APSB19-50 Download Manager APSB19-51 This product is provided subject to this Notification and this Privacy & Use policy.
WordPress Releases Security Update
Oct 15, 2019
Original release date: October 15, 2019WordPress 5.2.3 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected website. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the WordPress Security Release and upgrade to WordPress 5.2.4. This product is provided subject to this Notification and this Privacy & Use policy.
Google Releases Security Updates for Chrome
Oct 11, 2019
Original release date: October 11, 2019Google has released Chrome version 77.0.3865.120 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
FBI Releases Article on Defending Against Phishing and Spearphishing Attacks
Oct 10, 2019
Original release date: October 10, 2019In recognition of National Cybersecurity Awareness Month (NCSAM), the Federal Bureau of Investigation (FBI) has released an article to raise awareness of phishing and spearphishing. The article provides guidance on recognizing and avoiding these types of attacks. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users to review the FBI article and CISA's Tip on Avoiding Social Engineering and Phishing Attacks. For more information on NCSAM, see the NCSAM 2019 webpage and the NCSAM 2019 Toolkit. Users can report suspected attacks to their local FBI office or to the FBI's Internet Crime Complaint Center at www.ic3.gov. This product is provided subject to this Notification and this Privacy & Use policy.
ACSC Releases Small Business Cybersecurity Guide
Oct 10, 2019
Original release date: October 10, 2019The Australian Cyber Security Centre (ACSC) has released a cybersecurity guide for small businesses. The guide provides checklists to help small business protect themselves against common cybersecurity incidents. The Cybersecurity and Infrastructure Security Agency (CISA) encourages small business owners and administrators to review ACSC’s Small Business Cyber Security Guide and CISA’s Resources for Business page to learn how to defend against cyberattacks. This product is provided subject to this Notification and this Privacy & Use policy.
Juniper Networks Releases Security Updates
Oct 10, 2019
Original release date: October 10, 2019Juniper Networks has released security updates to address multiple vulnerabilities in various Juniper products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Juniper Security Advisories webpage and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Intel Releases Security Updates
Oct 9, 2019
Original release date: October 9, 2019Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to gain an escalation of privileges on a previously infected machine. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Intel advisories and apply the necessary updates: Active System Console Advisory INTEL-SA-00261 Smart Connect Technology for Intel NUC Advisory INTEL-SA-00286 NUC Advisory INTEL-SA-00296 This product is provided subject to this Notification and this Privacy & Use policy.
iTerm2 Vulnerability
Oct 9, 2019
Original release date: October 9, 2019The CERT Coordination Center (CERT/CC) has released information on a vulnerability (CVE-2019-9535) affecting iTerm2, a macOS terminal emulator. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review CERT/CC’s Vulnerability Note VU#763073, Mozilla’s blog post, and iTerm2’s downloads page for patch information and additional details. This product is provided subject to this Notification and this Privacy & Use policy.
