US CERT Current Activity
Microsoft Releases October 2019 Security Updates
Oct 8, 2019
Original release date: October 8, 2019Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s October 2019 Security Update Summary and Deployment Information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Apple Releases Security Updates
Oct 8, 2019
Original release date: October 8, 2019Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates: iCloud for Windows 7.14 iCloud for Windows 10.7 iTunes 12.10.1 for Windows macOS Catalina 10.15 This product is provided subject to this Notification and this Privacy & Use policy.
NSA Releases Advisory on Mitigating Recent VPN Vulnerabilities
Oct 7, 2019
Original release date: October 7, 2019The National Security Agency (NSA) has released an advisory on advanced persistent threat (APT) actors exploiting multiple vulnerabilities in Virtual Private Network (VPN) applications. A remote attacker could exploit these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to review NSA's Cybersecurity Advisory and CISA's Current Activity on Vulnerabilities in Multiple VPN Applications for more information and apply the necessary updates or mitigations. This product is provided subject to this Notification and this Privacy & Use policy.
Microsoft Reports Cyberattacks on Targeted Email Accounts
Oct 4, 2019
Original release date: October 4, 2019The Microsoft Threat Intelligence Center (MSTIC) has released a blog post describing an increase in malicious cyber activity from the Iranian group known as Phosphorus. These threat actors are exploiting password reset or account recovery features to take control of targeted email accounts. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users to review the Microsoft blog for additional information and recommendations and CISA’s Tip on Supplementing Passwords. This product is provided subject to this Notification and this Privacy & Use policy.
Vulnerabilities Exploited in Multiple VPN Applications
Oct 4, 2019
Original release date: October 4, 2019The United Kingdom (UK) National Cyber Security Centre (NCSC) has released an alert on advanced persistent threat (APT) actors exploiting vulnerabilities in Virtual Private Network (VPN) applications. A remote attacker could exploit these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to review the NCSC Alert for more information and to review the following security advisories and apply the necessary updates: Palo Alto Security Advisory PAN-SA-2019-0020 FortiGuard Security Advisory FG-IR-18-384 FortiGuard Security Advisory FG-IR-18-388 FortiGuard Security Advisory FG-IR-18-389 Pulse Secure Security Advisory SA44101 This product is provided subject to this Notification and this Privacy & Use policy.
NCSC Releases Fact Sheet on DNS Monitoring
Oct 4, 2019
Original release date: October 4, 2019The Dutch National Cyber Security Centre (NCSC) has released a fact sheet on the increasing difficulty of Domain Name System (DNS) monitoring. NCSC warns that although modernization of transport protocols is helpful, it also makes it more difficult to monitor or modify DNS requests. These changes could render an organization’s security controls ineffective. The Cybersecurity and Infrastructure Security Agency (CISA) recommends users and administrators review the Dutch NCSC fact sheet on DNS monitoring for additional information and recommendations. This product is provided subject to this Notification and this Privacy & Use policy.
IC3 Issues Alert on Ransomware
Oct 4, 2019
Original release date: October 4, 2019The Internet Crime Complaint Center (IC3) has released an alert on ransomware threats to U.S. businesses and organizations. Ransomware is a type of malware designed to deny access to a computer system or data until a ransom is paid. Cyber criminals often infect organizations with ransomware through email phishing campaigns or exploiting vulnerabilities in software or Remote Desktop Protocol (RDP). The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the IC3 Alert and CISA’s resource page on ransomware for more information on protecting against and responding to ransomware. This product is provided subject to this Notification and this Privacy & Use policy.
Microsoft Re-Releases Security Updates
Oct 3, 2019
Original release date: October 3, 2019Microsoft has re-released security updates to address a vulnerability in Microsoft software. A remote attacker could exploit this vulnerability to take control of an affected system. Updates are now available automatically via Windows Update or Windows Server Update Services. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft Security Advisory for CVE-2019-1367 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Cisco Releases Security Updates
Oct 3, 2019
Original release date: October 3, 2019Cisco has released security updates to address vulnerabilities affecting multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco Event Response page and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Exim Releases Security Update
Oct 1, 2019
Original release date: October 1, 2019Exim has released a security update to address a vulnerability affecting Exim versions 4.92 to 4.92.2. A remote attacker could exploit this vulnerability to take control of an affected email server. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Exim CVE-2019-16928 page and upgrade to Exim 4.92.3. This product is provided subject to this Notification and this Privacy & Use policy.
Prepare for National Cybersecurity Awareness Month
Sep 30, 2019
Original release date: September 30, 2019October is National Cybersecurity Awareness Month (NCSAM), which is a collaborative effort between the Cybersecurity and Infrastructure Security Agency (CISA) and its public and private partners—including the National Cyber Security Alliance (NCSA)—to ensure every American has the resources they need to stay safe and secure online while increasing the resilience of the Nation against cyber threats. This year’s theme, “Own IT. Secure IT. Protect IT.,” focuses on promoting personal accountability and positive behavior when it comes to cybersecurity. CISA encourages organizations to see the NCSAM 2019 webpage and the NCSAM 2019 Toolkit for ways to participate in and promote NCSAM. This product is provided subject to this Notification and this Privacy & Use policy.
MS-ISAC Releases Advisory on PHP Vulnerability
Sep 27, 2019
Original release date: September 27, 2019The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released an advisory on a vulnerability in Hypertext Preprocessor (PHP). An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review MS-ISAC Advisory 2019-101 and the PHP Downloads page and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy.
Apple Releases Security Updates
Sep 27, 2019
Original release date: September 27, 2019Apple has released security updates to address a vulnerability in multiple products. A remote attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates: macOS Mojave 10.14.6 Supplemental Update 2, Security Update 2019-005 High Sierra, and Security Update 2019-005 Sierra watchOS 5.3.2 iOS 12.4.2 This product is provided subject to this Notification and this Privacy & Use policy.
Cisco Releases Security Advisories
Sep 26, 2019
Original release date: September 26, 2019Cisco has released security updates to address vulnerabilities affecting multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco Security Advisories page and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Apple Releases Security Updates
Sep 25, 2019
Original release date: September 25, 2019Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit one of these vulnerabilities to obtain access to sensitive information. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Apple’s security updates page and apply the necessary updates for the following products: iOS 13.1 and iPadOS 13.1 Safari 13.0.1 tvOS 13 This product is provided subject to this Notification and this Privacy & Use policy.
Canadian Centre for Cyber Security Releases Advisory on New Ransomware Campaign
Sep 25, 2019
Original release date: September 25, 2019The Canadian Centre for Cyber Security (CCCS) has released an advisory on a new ransomware campaign. The malware, named TFlower, may infect users via exposed, unpatched Remote Desktop Protocol (RDP) services. The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to review CCCS’s TFlower Ransomware Campaign Advisory for recommended mitigations and refer to CISA’s resource page on ransomware for more information on protecting against ransomware. This product is provided subject to this Notification and this Privacy & Use policy.
Adobe Releases Security Updates for ColdFusion
Sep 25, 2019
Original release date: September 25, 2019Adobe has released security updates to address vulnerabilities in ColdFusion. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Adobe Security Bulletin APSB19-47 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
VMware Releases Security Updates
Sep 25, 2019
Original release date: September 25, 2019VMware has released security updates to address vulnerabilities in Cloud Foundation and Harbor Container Registry for Pivotal Cloud Foundry. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisory VMSA-2019-0015 and apply the necessary updates and workarounds. This product is provided subject to this Notification and this Privacy & Use policy.
Microsoft Releases Out-of-Band Security Updates
Sep 23, 2019
Original release date: September 23, 2019Microsoft has released out-of-band security updates to address vulnerabilities in Microsoft software. A remote attacker could exploit of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft Security Advisories for CVE-2019-1367, CVE-2019-1255, and Microsoft’s Cumulative security update for Internet Explorer and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
VMware Releases Security Updates for Multiple Products
Sep 20, 2019
Original release date: September 20, 2019VMware has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisory VMSA-2019-0014 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
