US CERT Current Activity
Multiple Petya Ransomware Infections Reported
Jun 27, 2017
Original release date: June 27, 2017 US-CERT has received multiple reports of Petya ransomware infections occurring in networks in many countries around the world. Ransomware is a type of malicious software that infects a computer and restricts users' access to the infected machine until a ransom is paid to unlock it. Individuals and organizations are discouraged from paying the ransom, as this does not guarantee that access will be restored. Using unpatched and unsupported software may increase the risk of proliferation of cybersecurity threats, such as ransomware.Petya ransomware encrypts the master boot records of infected Windows computers, making affected machines unusable. Open-source reports indicate that the ransomware exploits vulnerabilities in Server Message Block (SMB). US-CERT encourages users and administrators to review the US-CERT article on the Microsoft SMBv1 Vulnerability and the Microsoft Security Bulletin MS17-010. For general advice on how to best protect against ransomware infections, review US-CERT Alert TA16-091A. Please report any ransomware incidents to the Internet Crime Complaint Center (IC3). This product is provided subject to this Notification and this Privacy & Use policy.
NIST Releases New Digital Identity Guidelines
Jun 26, 2017
Original release date: June 26, 2017 The National Institute of Standards and Technology (NIST) has released the Digital Identity Guidelines document suite. The four-volume suite offers technical guidelines for organizations that use digital identity services.US-CERT encourages information security practitioners in industry, government, and academic organizations to refer to the NIST blog post and SP 800-63 for more information. This product is provided subject to this Notification and this Privacy & Use policy.
IRS Warns of Summertime Scams
Jun 26, 2017
Original release date: June 26, 2017 The Internal Revenue Service (IRS) has released an alert warning of various types of scams targeting taxpayers this summer. The alert describes common features of these cyber crimes, including: robocalls, private debt collection, and scams that target taxpayers with limited English proficiency.Taxpayers and tax professionals are encouraged to review the IRS alert and US-CERT's advice on Avoiding Social Engineering and Phishing Attacks. This product is provided subject to this Notification and this Privacy & Use policy.
FTC Releases Alert on Tech-Support Scams
Jun 23, 2017
Original release date: June 23, 2017 The Federal Trade Commission (FTC) has released an alert on technical-support scams. In these schemes, deceptive tech-support operations offer to fix problems that don't exist, placing calls or sending pop-ups to make people think their computers are infected with viruses. Users should not give control of their computers to any stranger offering to fix problems.US-CERT encourages users and administrators to refer to the FTC Alert and the US-CERT Tip on Avoiding Social Engineering and Phishing Attacks for more information. This product is provided subject to this Notification and this Privacy & Use policy.
IC3 Issues Internet Crime Report for 2016
Jun 21, 2017
Original release date: June 21, 2017 The Internet Crime Complaint Center (IC3) has released its 2016 Internet Crime Report, describing the numbers and types of cyber crimes reported to IC3. Business Email Compromise (BEC), ransomware attacks, tech support fraud, and extortion are all common schemes affecting people in the U.S. and around the world.US-CERT encourages users to review the 2016 Internet Crime Report for details and refer to the US-CERT Security Publication on Ransomware for information on defending against this particular threat. This product is provided subject to this Notification and this Privacy & Use policy.
Drupal Releases Security Updates
Jun 21, 2017
Original release date: June 21, 2017 Drupal has released an advisory to address several vulnerabilities in Drupal versions 7.x and 8.x. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.US-CERT encourages users and administrators to review Drupal's Security Advisory and upgrade to version 7.56 or 8.3.4. This product is provided subject to this Notification and this Privacy & Use policy.
Cisco Releases Security Updates
Jun 21, 2017
Original release date: June 21, 2017 Cisco has released updates to address several vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of a system.US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:Prime Infrastructure and Evolved Programmable Network Manager XML Injection Vulnerability cisco-sa-20170621-piepnm1Virtualized Packet Core – Distributed Instance Denial-of-Service Vulnerability cisco-sa-20170621-vpcWebEx Network Recording Player Multiple Buffer Overflow Vulnerabilities cisco-sa-20170621-wnrp This product is provided subject to this Notification and this Privacy & Use policy.
Mozilla Releases Security Update
Jun 15, 2017
Original release date: June 15, 2017 Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.US-CERT encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 52.2 and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy.
Google Releases Security Updates for Chrome
Jun 15, 2017
Original release date: June 15, 2017 Google has released Chrome version 59.0.3071.104 for Windows, Mac, and Linux. This version addresses several vulnerabilities, including one that an attacker could exploit to cause a denial-of-service condition.US-CERT encourages users and administrators to review the Chrome Releases page and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
ISC Releases Security Updates for BIND
Jun 14, 2017
Original release date: June 15, 2017 The Internet Systems Consortium (ISC) has released updates that address two vulnerabilities in BIND. An attacker could exploit one of these vulnerabilities to take control of an affected system.Available updates include:BIND version 9.11.1-P1BIND version 9.10.5-P1BIND version 9.9.10-P1ISC recommends disabling LMDB (liblmdb) until BIND 9.11.2 is released later this summer. US-CERT encourages users and administrators to review ISC Knowledge Base Article AA-01497 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Microsoft Releases June 2017 Security Updates
Jun 13, 2017
Original release date: June 13, 2017 Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of a system.US-CERT encourages users and administrators to review Microsoft's June 2017 Security Update Summary and Deployment Information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Mozilla Releases Security Updates
Jun 13, 2017
Original release date: June 13, 2017 Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.US-CERT encourages users and administrators to review the Mozilla Security Advisory for Firefox 54 and Firefox ESR 52.2 and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy.
Adobe Releases Security Updates
Jun 13, 2017
Original release date: June 13, 2017 Adobe has released security updates to address vulnerabilities in Adobe Flash Player, Shockwave Player, Captivate, and Digital Editions. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.US-CERT encourages users and administrators to review Adobe Security Bulletins APSB17-17, APSB17-18, APSB17-19, and APSB17-20 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
FTC Recommends Steps to Protect Against Mobile Phone Theft
Jun 8, 2017
Original release date: June 08, 2017 The Federal Trade Commission (FTC) has released an alert about the theft of mobile phones and the best way to prepare for and recover from this kind of theft. Precautionary steps include regularly backing up the data on the phone, using strong passwords, and using two-factor authentication on any accounts on the phone.US-CERT encourages users and administrators to refer to the FTC Alert and the US-CERT Tip on Cybersecurity for Electronic Devices for more information. This product is provided subject to this Notification and this Privacy & Use policy.
Cisco Releases Security Updates
Jun 7, 2017
Original release date: June 07, 2017 Cisco has released updates to address several vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of a system.Users and administrators are encouraged to review the following Cisco Security Advisories and apply the necessary updates:Prime Data Center Network Manager Debug Remote-Code-Execution Vulnerability cisco-sa-20170607-dcnm1Prime Data Center Network Manager Server Static Credential Vulnerability cisco-sa-20170607-dcnm2AnyConnect Local-Privilege-Escalation Vulnerability cisco-sa-20170607-anyconnectTelePresence Endpoint Denial-of-Service Vulnerability cisco-sa-20170607-tele This product is provided subject to this Notification and this Privacy & Use policy.
VMware Releases Security Updates
Jun 7, 2017
Original release date: June 07, 2017 VMware has released security updates to address vulnerabilities in vSphere Data Protection. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected system.US-CERT encourages users and administrators to review VMware Security Advisory VMSA-2017-0010 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Google Releases Security Updates for Chrome
Jun 6, 2017
Original release date: June 06, 2017 Google has released Chrome version 59.0.3071.86 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that, if exploited, may allow an attacker to take control of an affected system.Users and administrators are encouraged to review the Chrome Releases page and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
SEI Issues Advice on Ransomware
Jun 1, 2017
Original release date: June 01, 2017 The Software Engineering Institute (SEI) of Carnegie Mellon University has released a blog post on best practices for preventing and responding to ransomware. This common malware captures, encrypts, and holds your data to extort a ransom. SEI’s top recommendation to thwart ransomware attacks is to back up your important files regularly.US-CERT encourages users and administrators to review SEI's blog post and US-CERT's Security Publication on Ransomware for more information. This product is provided subject to this Notification and this Privacy & Use policy.
FBI Releases Article on Protecting Business Email Systems
May 31, 2017
Original release date: May 31, 2017 The Federal Bureau of Investigation (FBI) has released an article on Building a Digital Defense with an Email Fortress. FBI warns that scammers commonly target business email accounts with phishing and social engineering schemes. Strategies for preventing email compromises include avoiding the use of free web-based email accounts; using multi-factor authentication; and updating firewalls, antivirus programs, and spam filters.US-CERT encourages users and administrators to review the FBI article for more information and refer to US-CERT Tips on Using Caution with Email Attachments and Avoiding Social Engineering and Phishing Attacks. This product is provided subject to this Notification and this Privacy & Use policy.
FTC Releases Alert on Identity Theft
May 25, 2017
Original release date: May 25, 2017 The Federal Trade Commission (FTC) has released an alert about how quickly criminals begin using your personal information once it is posted to a hacker site by an identity thief. FTC researchers found that it can take as few as 9 minutes for crooks to access stolen personal information posted to hacker sites. To prevent identity theft, a user should follow password security best practices, such as multi-factor authentication, which requires a user to simultaneously present multiple pieces of information to verify their identity.US-CERT encourages users to refer to the FTC alert and the US-CERT Tips on Preventing and Responding to Identity Theft, Choosing and Protecting Passwords, and Supplementing Passwords for more information. This product is provided subject to this Notification and this Privacy & Use policy.
