US CERT Current Activity
Cisco Releases Security Updates
Aug 1, 2019
Original release date: August 1, 2019Cisco has released security updates to address a vulnerability in Cisco Nexus 9000 Series Fabric Switches. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco Security Advisory and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Google Releases Security Updates for Chrome
Jul 31, 2019
Original release date: July 31, 2019Google has released Chrome version 76.0.3809.87 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
CISA Releases Advisory on Wind River VxWorks Platform
Jul 30, 2019
Original release date: July 30, 2019The Cybersecurity and Infrastructure Security Agency (CISA) has released an Industrial Control Systems (ICS) Advisory on multiple vulnerabilities in the Wind River VxWorks Platform. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following products, apply the recommended mitigations, and refer to vendors for appropriate patches, when available. ICS Advisory ICSA-19-211-01 Canadian Centre for Cyber Security Alert AL19-015 Wind River Security Bulletin TCP/IP Network Stack This product is provided subject to this Notification and this Privacy & Use policy.
Steps to Safeguard Against Ransomware Attacks
Jul 30, 2019
Original release date: July 30, 2019The Cybersecurity and Infrastructure Security Agency (CISA), Multi-State Information Sharing & Analysis Center (MS-ISAC), National Governors Association (NGA), and the National Association of State Chief Information Officers (NASCIO) have released a Joint Ransomware Statement with recommendations for state and local governments to build resilience against ransomware: Back up systems—now (and daily). Immediately and regularly back up all critical agency and system configuration information on a separate device and store the backups offline, verifying their integrity and restoration process. If recovering after an attack, restore a stronger system than the one lost, fully patched and updated to the latest version. Reinforce basic cybersecurity awareness and education. Ransomware attacks often require the human element to succeed. Refresh employee training on recognizing cyber threats, phishing, and suspicious links—the most common vectors for ransomware attacks. Remind employees of how to report incidents to appropriate IT staff in a timely manner, which should include out-of-band communication paths. Revisit and refine cyber incident response plans. Have a clear plan to address attacks when they occur, including when internal capabilities are overwhelmed. Make sure response plans include how to request assistance from external cyber first responders, such as state agencies, CISA, and MS-ISAC, in the event of an attack. CISA encourages organizations to review the Joint Ransomware Statement and the following ransomware guidance: MS-ISAC Security Primer on Ransomware CISA Tip Sheet on Ransomware NGA Disruption Response Planning Memo NASCIO Cyber Disruption Planning Guide This product is provided subject to this Notification and this Privacy & Use policy.
Save the Date: 2019 CISA Cybersecurity Summit
Jul 29, 2019
Original release date: July 29, 2019The Cybersecurity and Infrastructure Security Agency (CISA) will be hosting the 2019 CISA Cybersecurity Summit from September 18-20, 2019, at National Harbor, MD. This summit will provide a forum for critical infrastructure stakeholders to discuss current cybersecurity topics, including emerging technologies, vulnerability management, incident response, and risk mitigation. CISA encourages interested participants to visit the 2019 CISA Cybersecurity Summit for more information. This product is provided subject to this Notification and this Privacy & Use policy.
CISA Webinar: Holistic Approach to Mitigating Insider Threats
Jul 26, 2019
Original release date: July 26, 2019Want to recognize indicators of cybersecurity and physical insider threats? On July 29, the Cybersecurity and Infrastructure Security Agency will host a webinar providing expert guidance for a holistic approach to detect and deter these threats. Understanding how to prevent, mitigate, and respond to insider threats increases an organization’s ability to protect both its people and sensitive information. This product is provided subject to this Notification and this Privacy & Use policy.
IRS Reminds Tax Professionals: Create a Data Security Plan
Jul 24, 2019
Original release date: July 24, 2019The Internal Revenue Service (IRS) has issued a news release reminding professional tax preparers that they are required by law to have a written data security plan. Creating and maintaining a data security plan ensures that tax professionals are reviewing their data security protections and implementing appropriate safeguards. Creating a data security plan is part of the Taxes. Security. Together. checklist, which the IRS created to help tax professionals protect sensitive taxpayer data. The Cybersecurity and Infrastructure Security Agency (CISA) encourages tax professionals to review the IRS news release and CISA's Tip on Safeguarding Your Data for more information. This product is provided subject to this Notification and this Privacy & Use policy.
Building Resilience to Foreign Interference, Misinformation Activities
Jul 22, 2019
Original release date: July 22, 2019As part of the effort to #Protect2020, the Cybersecurity and Infrastructure Security Agency (CISA) is working with national partners to build resilience to foreign interferences, particularly information activities (e.g., disinformation, misinformation). The Department of Homeland Security (DHS) views foreign interference as malign actions taken by foreign governments or actors designed to sow discord, manipulate public discourse, discredit the electoral system, bias the development of policy, or disrupt markets for the purpose of undermining the interests of the United States and its allies. Responding to foreign interference requires a whole of society approach—CISA has made available the following foreign interference resources to #Protect2020: The War on Pineapple: Understanding Foreign Interference in 5 Steps Foreign Interference Taxonomy Social Media Bots Overview This product is provided subject to this Notification and this Privacy & Use policy.
Canadian Centre for Cyber Security Releases Advisory on Fileless Malware
Jul 18, 2019
Original release date: July 18, 2019The Canadian Centre for Cyber Security (CCCS) has released an advisory on an Astaroth fileless malware campaign affecting Microsoft Windows. Astaroth resides solely in memory, and an attacker can use it and other fileless malware to steal information, such as credentials and keystrokes, and obtain other sensitive data. The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to review CCCS’s Fileless Malware Advisory for potential infection vectors and recommended mitigations and refer to CISA’s Tip on Protecting Against Malicious Code. This product is provided subject to this Notification and this Privacy & Use policy.
WaterISAC Releases Cybersecurity Fundamentals
Jul 17, 2019
Original release date: July 17, 2019The Water Information Sharing and Analysis Center (WaterISAC) recently released an updated cybersecurity fundamentals guide for water and wastewater utilities. The guide includes cybersecurity best practices, grouped into 15 categories, to help sector utilities reduce exploitable weaknesses and attacks. WaterISAC is a CISA partner focused on protecting Water and Wastewater Systems Sector utilities from all hazards. The Cybersecurity and Infrastructure Security Agency (CISA) encourages sector utilities and critical infrastructure owners and operators to review WaterISAC's 15 Cybersecurity Fundamentals for Water and Wastewater Utilities for more information. This product is provided subject to this Notification and this Privacy & Use policy.
Drupal Releases Security Update
Jul 17, 2019
Original release date: July 17, 2019Drupal has released a security update to address a vulnerability in Drupal Core. An attacker could exploit this vulnerability to take control of an affected website. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Drupal’s security advisory SA-CORE-2019-008 and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy.
Cisco Releases Security Updates for Multiple Products
Jul 17, 2019
Original release date: July 17, 2019Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following advisories and apply the necessary updates: Cisco Vision Dynamic Signage Director REST API Authentication Bypass Vulnerability cisco-sa-20190717-cvdsd-wmauth FindIT Network Management Software Static Credentials Vulnerability cisco-sa-20190717-cfnm-statcred IOS Access Points Software 802.11r Fast Transition Denial-of-Service Vulnerability cisco-sa-20190717-aironet-dos This product is provided subject to this Notification and this Privacy & Use policy.
NCSC Releases 2019 Active Cyber Defence Report
Jul 16, 2019
Original release date: July 16, 2019The United Kingdom’s National Cyber Security Centre (NCSC) has released their 2019 Active Cyber Defence (ACD) report, which provides an analysis of program outcomes throughout 2018. NCSC’s ACD program—stood up in 2016—seeks to reduce harm from commodity cyberattacks against the United Kingdom. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review NCSC’s report for more information. This product is provided subject to this Notification and this Privacy & Use policy.
Microsoft Releases Security Updates for PowerShell Core
Jul 16, 2019
Original release date: July 16, 2019Microsoft has released updates to address a vulnerability in PowerShell Core versions 6.1 and 6.2. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Microsoft Security Advisory and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Oracle Releases July 2019 Security Bulletin
Jul 16, 2019
Original release date: July 16, 2019Oracle has released its Critical Patch Update for July 2019 to address 319 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Oracle July 2019 Critical Patch Update and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
DHS Webinar: Cybersecurity Threats to the Healthcare Sector
Jul 16, 2019
Original release date: July 16, 2019The Department of Homeland Security (DHS) and the American Hospital Association (AHA) are conducting a webinar focused on current cybersecurity threats to the healthcare sector. The webinar will be held on Wednesday, July 17, 2019, at 1 p.m. ET. The Cybersecurity and Infrastructure Security Agency (CISA) encourages healthcare professionals and their customers to register for the webinar to learn more about ransomware and best practices for securing medical devices. This product is provided subject to this Notification and this Privacy & Use policy.
IRS Releases Six Cybersecurity Safeguards
Jul 16, 2019
Original release date: July 16, 2019The Internal Revenue Service (IRS) has issued a news release outlining six cybersecurity safeguards to protect computers, email, and sensitive data. The recommendations are part of the Taxes. Security. Together. Checklist, which the IRS created to help tax professionals protect sensitive taxpayer data. The Cybersecurity and Infrastructure Security Agency (CISA) encourages tax professionals and taxpayers to review the IRS news release and CISA’s Tip on Safeguarding Your Data for more information. This product is provided subject to this Notification and this Privacy & Use policy.
Google Releases Security Updates for Chrome
Jul 15, 2019
Original release date: July 15, 2019Google has released Chrome 75.0.3770.142 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker can exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
NCSC Releases Advisory on Ongoing DNS Hijacking Campaign
Jul 12, 2019
Original release date: July 12, 2019The United Kingdom’s National Cyber Security Centre (NCSC) has released an advisory about an ongoing Domain Name System (DNS) hijacking campaign. The advisory details risks and mitigations for organizations to defend against this campaign, in which attackers use compromised credentials to modify the location to which an organization’s domain name resources resolve to redirect users, obtain sensitive information, and cause man-in-the-middle attacks. The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to review the NCSC Advisory, apply the recommended mitigations, and refer to CISA’s Alert AA19-024A – DNS Infrastructure Hijacking Campaign for more information. This product is provided subject to this Notification and this Privacy & Use policy.
Atlassian Releases Security Updates for Jira
Jul 11, 2019
Original release date: July 11, 2019Atlassian has released security updates to address a vulnerability affecting Jira Server and Jira Data Center. A remote attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Atlassian Security Advisory 2019-07-10 and Canadian Centre for Cyber Security Advisory AV19-143 and apply the necessary updates or mitigations. This product is provided subject to this Notification and this Privacy & Use policy.
