US CERT Current Activity
Tax Identity Theft Awareness Week
Jan 24, 2019
Original release date: January 24, 2019 Tax Identity Theft Awareness Week is January 28 to February 1. This annual campaign aims to help consumers be more informed about protecting themselves from tax-related identity theft and scams. Tax-related identity theft occurs when someone steals a Social Security number and uses it to claim a tax refund or get a job.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages consumers to review the Internal Revenue Service (IRS) publication Taxes. Security. Together., and NCCIC Tips on Preventing and Responding to Identity Theft and IRS and NCCIC Caution Users: Prepare for Heightened Phishing Risk This Tax Season for more information. This product is provided subject to this Notification and this Privacy & Use policy.
Cisco Releases Security Updates
Jan 23, 2019
Original release date: January 23, 2019 Cisco has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Cisco Security Advisory page and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
CISA Emergency Directive on DNS Infrastructure Tampering
Jan 22, 2019
Original release date: January 22, 2019 The U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive to address ongoing incidents associated with global Domain Name System (DNS) infrastructure tampering. CISA is aware of multiple executive branch agency domains that were impacted by the tampering campaign and has notified the agencies that maintain them. The directive requires Federal agencies to take specific steps and comply with reporting procedures to mitigate risks from undiscovered tampering, prevent illegitimate DNS activity, and detect unauthorized certificates.Federal agencies should review Emergency Directive 19-01 for required actions and reporting procedures. This product is provided subject to this Notification and this Privacy & Use policy.
Apple Releases Multiple Security Updates
Jan 22, 2019
Original release date: January 22, 2019 Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Apple Security Updates page and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Adobe Releases Security Updates
Jan 22, 2019
Original release date: January 22, 2019 Adobe has released security updates to address vulnerabilities in Adobe Experience Manager. An attacker could exploit these vulnerabilities to obtain sensitive information.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review Adobe Security Bulletins APSB19-03 and APSB19-09 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Data Privacy Day
Jan 22, 2019
Original release date: January 22, 2019 January 28 is Data Privacy Day (DPD), an annual effort to promote data privacy awareness and education. This year’s DPD events, sponsored by the National Cyber Security Alliance (NCSA), focus around the theme, A New Era in Privacy.The NCSA Stay Safe Online website will feature a live stream of the Data Privacy Day 2019 – Live From LinkedIn event, which includes presentations on opportunities and challenges and the future of privacy, as well as a TED-style talk with the Amazon Web Services Global principal security architect.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review NCSA’s tips on Managing Your Privacy and the following NCCIC tips:Safeguarding Your Data,Protecting Your Privacy,How Anonymous Are You, andChoosing and Protecting Passwords. This product is provided subject to this Notification and this Privacy & Use policy.
Drupal Releases Security Updates
Jan 16, 2019
Original release date: January 16, 2019 Drupal has released security updates addressing vulnerabilities in Drupal 7.x, 8.5.x, and 8.6.x. A remote attacker could exploit these vulnerabilities to take control of an affected system.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review Drupal’s security advisories SA-CORE-2019-001 and SA-CORE-2019-002 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Oracle Releases January 2019 Security Bulletin
Jan 15, 2019
Original release date: January 15, 2019 Oracle has released its Critical Patch Update for January 2019 to address 284 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Oracle January 2019 Critical Patch Update and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
DNS Infrastructure Hijacking Campaign
Jan 10, 2019
Original release date: January 10, 2019 The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), is aware of a global Domain Name System (DNS) infrastructure hijacking campaign. Using compromised credentials, an attacker can modify the location to which an organization’s domain name resources resolves. This enables the attacker to redirect user traffic to attacker-controlled infrastructure and obtain valid encryption certificates for an organization’s domain names, enabling man-in-the-middle attacks.NCCIC encourages administrators to review FireEye’s blog on global DNS infrastructure hijacking for more information. Additionally, NCCIC recommends the following best practices to help safeguard networks against this threat:Implement multifactor authentication on domain registrar accounts, or on other systems used to modify DNS records.Verify that DNS infrastructure (second-level domains, sub-domains, and related resource records) points to the correct Internet Protocol addresses or hostnames.Search for encryption certificates related to domains and revoke any fraudulently requested certificates. This product is provided subject to this Notification and this Privacy & Use policy.
Juniper Networks Releases Multiple Security Updates
Jan 9, 2019
Original release date: January 09, 2019 Juniper Networks has released multiple security updates to address vulnerabilities in various Juniper products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review Juniper’s Security Advisories webpage and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Cisco Releases Security Updates
Jan 9, 2019
Original release date: January 09, 2019 Cisco has released security updates to address vulnerabilities in Cisco AsyncOS Software for Cisco Email Security Appliance. A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition. The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:Cisco Email Security Appliance Memory Corruption Denial of Service Vulnerability [cisco-sa-20190109-esa-dos]Cisco Email Security Appliance URL Filtering Denial of Service Vulnerability [cisco-sa-20190109-esa-url-dos] This product is provided subject to this Notification and this Privacy & Use policy.
Microsoft Releases January 2019 Security Updates
Jan 8, 2019
Original release date: January 08, 2019 Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review Microsoft’s January 2019 Security Update Summary and Deployment Information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Adobe Releases Security Updates
Jan 8, 2019
Original release date: January 08, 2019 Adobe has released security updates to address vulnerabilities in Adobe Connect and Adobe Digital Editions. An attacker could exploit one of these vulnerabilities to take control of an affected system.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review Adobe Security Advisories APSB19-05 and APSB19-04, and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
CERT/CC Reports Critical Vulnerabilities in Microsoft Windows, Server
Jan 4, 2019
Original release date: January 04, 2019 The CERT Coordination Center (CERT/CC) has released information on vulnerabilities affecting versions of Microsoft Windows and Windows Server. A remote attacker could exploit these vulnerabilities to take control of an affected system.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review CERT/CC’s Vulnerability Notes VU#289907 and VU#531281 and Microsoft’s security advisories for CVE-2018-8611 and CVE-2018-8626 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Adobe Releases Security Updates
Jan 3, 2019
Original release date: January 03, 2019 Adobe has released security updates to address vulnerabilities in Adobe Acrobat and Reader. An attacker could exploit these vulnerabilities to take control of an affected system.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Adobe Security Bulletin APSB19-02 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Securing New Devices
Dec 28, 2018
Original release date: December 28, 2018 During the holidays, internet-connected devices also known as Internet of Things (IoT) are often popular gifts—such as smart TVs, watches, toys, phones, and tablets. This technology provides a level of convenience to our lives, but it requires that we share more information than ever. The security of this information, and the security of these devices, is not always guaranteed.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), recommends these important steps you should consider to make your Internet of Things more secure:Evaluate your security settings. Most devices offer a variety of features that you can tailor to meet your needs and requirements. Enabling certain features to increase convenience or functionality may leave you more vulnerable to being attacked. It is important to examine the settings, particularly security settings, and select options that meet your needs without putting you at increased risk. If you install a patch or a new version of software, or if you become aware of something that might affect your device, reevaluate your settings to make sure they are still appropriate. See Good Security Habits for more information.Ensure you have up-to-date software. When manufacturers become aware of vulnerabilities in their products, they often issue patches to fix the problem. Patches are software updates that fix a particular issue or vulnerability within your device’s software. Make sure to apply relevant patches as soon as possible to protect your devices. See Understanding Patches for more information.Connect carefully. Once your device is connected to the Internet, it’s also connected to millions of other computers, which could allow attackers access to your device. Consider whether continuous connectivity to the Internet is needed. See Securing Your Home Network for more information.Use strong passwords. Passwords are a common form of authentication and are often the only barrier between you and your personal information. Some Internet-enabled devices are configured with default passwords to simplify setup. These default passwords are easily found online, so they don't provide any protection. Choose strong passwords to help secure your device. See Choosing and Protecting Passwords for more information. This product is provided subject to this Notification and this Privacy & Use policy.
Chinese Malicious Cyber Activity
Dec 20, 2018
Original release date: December 20, 2018 The Department of Homeland Security (DHS) Cybersecurity and Infrastructure and Security Agency (CISA) released information on Chinese government malicious cyber activity targeting global information technology (IT) service providers—such as managed service providers and cloud service providers—and their customers. These threat actors are actively exploiting trust relationships between IT service providers and their customers.NCCIC, part of CISA, encourages users and administrators to review the page on Chinese Malicious Cyber Activity for more information. This product is provided subject to this Notification and this Privacy & Use policy.
Cisco Releases Security Updates
Dec 19, 2018
Original release date: December 19, 2018 Cisco has released security updates to address a vulnerability in Adaptive Security Appliance. A remote attacker could exploit this vulnerability to take control of an affected system.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Cisco Security Advisory and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Microsoft Releases Out-of-Band Security Updates
Dec 19, 2018
Original release date: December 19, 2018 Microsoft has released out-of-band security updates to address a vulnerability in Internet Explorer 9, 10, and 11. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Microsoft Security Advisory and the CERT Coordination Center's Vulnerability Note VU#573168 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Bomb Threats Emailed Around the World
Dec 13, 2018
Original release date: December 13, 2018 The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Agency (CISA), is aware of a worldwide email campaign targeting businesses and organizations with bomb threats. The emails claim that a device will detonate unless a ransom in Bitcoin is paid.If you receive a bomb threat email, NCCIC recommends the following actions:Do not respond or try to contact the sender.Do not pay the ransom.Report the email to the Federal Bureau of Investigation (FBI) Internet Crime Complaint Center or to a local FBI Field Office. This product is provided subject to this Notification and this Privacy & Use policy.
