US CERT Current Activity
Google Releases Security Updates for Chrome
Feb 5, 2020
Original release date: February 5, 2020Google has released Chrome 80 (version 80.0.3987.87) for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
IRS Launches “Identity Theft Central” Webpage
Feb 4, 2020
Original release date: February 4, 2020The Internal Revenue Service (IRS) has launched its “Identity Theft Central” webpage to provide 24/7 access to online information regarding tax-related identity theft and data security protection. Tax-related identity theft occurs when someone steals personal information to commit tax fraud. The Cybersecurity and Infrastructure Security Agency (CISA) encourages taxpayers, tax professionals, and businesses to review the IRS news release and CISA’s Tip on Preventing and Responding to Identity Theft for more information. This product is provided subject to this Notification and this Privacy & Use policy.
OpenSMTPD Vulnerability
Feb 3, 2020
Original release date: February 3, 2020The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting OpenSMTPD. An attacker could exploit this vulnerability to take control of an affected system. OpenSMTPD is an open-source server-side implementation of the Simple Mail Transfer Protocol (SMTP) that is part of the OpenBSD Project. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review CERT/CC’s Vulnerability Note VU#390745 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Adobe Releases Security Updates for Magento
Jan 31, 2020
Original release date: January 31, 2020Adobe has released security updates to address vulnerabilities affecting Magento Commerce and Open Source editions. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Adobe Security Bulletin APSB20-02 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Cisco Releases Security Updates for Cisco Small Business Switches
Jan 30, 2020
Original release date: January 30, 2020Cisco has released security updates to address vulnerabilities affecting Cisco Small Business Switches. A remote attacker could exploit one of these vulnerabilities to obtain sensitive information. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Cisco Security Advisories cisco-sa-smlbus-switch-dos-R6VquS2u and cisco-sa-20200129-smlbus-switch-disclos for more information. This product is provided subject to this Notification and this Privacy & Use policy.
Tax Identity Theft Awareness Week
Jan 29, 2020
Original release date: January 29, 2020Tax Identity Theft Awareness Week is February 3-7. The Federal Trade Commission (FTC) Tax Identity Theft Awareness Week webpage will provide webinars and other resources from FTC and its partners throughout the week to help educate the public on how to protect against identity theft this tax season. The Cybersecurity and Infrastructure Security Agency (CISA) encourages taxpayers, businesses, and tax professionals to review the FTC announcement and the following resources for more information: CISA’s Tip on Preventing and Responding to Identity Theft FTC's article on Tax-Related Identity Theft Internal Revenue Service's Taxpayer Guide to Identity Theft This product is provided subject to this Notification and this Privacy & Use policy.
Apple Releases Multiple Security Updates
Jan 28, 2020
Original release date: January 28, 2020Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates: tvOS 13.3.1 Safari 13.0.5 iOS 13.3.1 and iPadOS 13.3.1 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra This product is provided subject to this Notification and this Privacy & Use policy.
Data Privacy Day: A Vision for the Future
Jan 28, 2020
Original release date: January 28, 2020January 28 is Data Privacy Day, an annual effort to empower individuals and organizations to respect privacy, safeguard data, and enable trust. This year, the National Cyber Security Alliance (NCSA) is bringing together experts on U.S. and international privacy for A Vision for the Future, an in-depth discussion on new privacy laws and regulations. The NCSA Stay Safe Online website will live stream the January 28 event beginning at 1 p.m. ET. Presentation topics will include how to prepare for and implement recent legislation, such as the California Consumer Privacy Act and the European Union’s General Data Protection Regulation. The Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review NCSA’s tips on updating privacy settings and the following CISA Tips. Safeguarding Your Data Protecting Your Privacy How Anonymous Are You Privacy and Mobile Device Apps This product is provided subject to this Notification and this Privacy & Use policy.
Cisco Releases Security Updates
Jan 24, 2020
Original release date: January 24, 2020Cisco has released security updates to address a vulnerability affecting Cisco Webex Meetings Suite and Cisco Webex Meetings Online. A remote attacker could exploit this vulnerability to obtain sensitive information. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Cisco Security Advisory cisco-sa-20200124-webex-unauthjoin for more information. This product is provided subject to this Notification and this Privacy & Use policy.
NSA Releases Guidance on Mitigating Cloud Vulnerabilities
Jan 24, 2020
Original release date: January 24, 2020The National Security Agency (NSA) has released an information sheet with guidance on mitigating cloud vulnerabilities. NSA identifies cloud security components and discusses threat actors, cloud vulnerabilities, and potential mitigation measures. The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators and users to review NSA's guidance on Mitigating Cloud Vulnerabilities and CISA’s page on APTs Targeting IT Service Provider Customers and Analysis Report on Microsoft Office 365 and other Cloud Security Observations for information on implementing a defense-in-depth strategy to protect infrastructure assets. This product is provided subject to this Notification and this Privacy & Use policy.
Citrix Releases Security Updates for SD-WAN WANOP
Jan 23, 2020
Original release date: January 23, 2020Citrix has released security updates to address the CVE-2019-19781 vulnerability in Citrix SD-WAN WANOP. An attacker could exploit this vulnerability to take control of an affected system. Citrix has also released an Indicators of Compromise Scanner that aims to identify evidence of successful exploitation of CVE-2019-19781. The Cybersecurity and Infrastructure Security Agency (CISA) strongly recommends users and administrators review the Citrix Security Bulletin CTX267027 and apply the necessary updates. CISA also recommends users and administrators: Run the Indicators of Compromise Scanner; Review the Citrix article on CVE-2019-19781: Fixes now available for Citrix SD-WAN WANOP, published January 23, 2020; and Review CISA’s Activity Alert on Critical Vulnerability in Citrix Application Delivery Controller, Gateway, and SD-WAN WANOP. This product is provided subject to this Notification and this Privacy & Use policy.
Cisco Releases Security Updates
Jan 23, 2020
Original release date: January 23, 2020Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco advisories and apply the necessary updates: Firepower Management Center Lightweight Directory Access Protocol Authentication Bypass Vulnerability cisco-sa-20200122-fmc-auth TelePresence Collaboration Endpoint, TelePresence Codec, and RoomOS Software Path Traversal Vulnerability cisco-sa-telepresence-path-tr-wdrnYEZZ IOS XE SD-WAN Software Default Credentials Vulnerability cisco-sa-sd-wan-cred-EVGSF259 SD-WAN Solution Local Privilege Escalation Vulnerability cisco-sa-20200122-sdwan-priv-esc Smart Software Manager On-Prem Web Interface Denial of Service Vulnerability cisco-sa-20200122-on-prem-dos IOS XR Software EVPN Operational Routes Denial of Service Vulnerability cisco-sa-20200122-ios-xr-routes IOS XR Software BGP EVPN Denial of Service Vulnerabilities cisco-sa-20200122-ios-xr-evpn IOS XR Software Intermediate System–to–Intermediate System Denial of Service Vulnerability cisco-sa-20200122-ios-xr-dos This product is provided subject to this Notification and this Privacy & Use policy.
Increased Emotet Malware Activity
Jan 22, 2020
Original release date: January 22, 2020The Cybersecurity and Infrastructure Security Agency (CISA) is aware of a recent increase in targeted Emotet malware attacks. Emotet is a sophisticated Trojan that commonly functions as a downloader or dropper of other malware. Emotet primarily spreads via malicious email attachments and attempts to proliferate within a network by brute forcing user credentials and writing to shared drives. If successful, an attacker could use an Emotet infection to obtain sensitive information. Such an attack could result in proprietary information and financial loss as well as disruption to operations and harm to reputation. CISA recommends users and administrator adhere to the following best practices to defend against Emotet. See CISA’s Alert on Emotet Malware for detailed guidance. Block email attachments commonly associated with malware (e.g.,.dll and .exe). Block email attachments that cannot be scanned by antivirus software (e.g., .zip files). Implement Group Policy Object and firewall rules. Implement an antivirus program and a formalized patch management process. Implement filters at the email gateway, and block suspicious IP addresses at the firewall. Adhere to the principal of least privilege. Implement a Domain-Based Message Authentication, Reporting & Conformance (DMARC) validation system. Segment and segregate networks and functions. Limit unnecessary lateral communications. CISA encourages users and administrators to review the following resources for information about defending against Emotet and other malware. CISA Alert Emotet Malware Australian Cyber Security Centre (ACSC) Advisory Emotet Malware Campaign CISA Tip Protecting Against Malicious Code This product is provided subject to this Notification and this Privacy & Use policy.
IC3 Issues Alert on Employment Scams
Jan 22, 2020
Original release date: January 22, 2020The Internet Crime Complaint Center (IC3) has issued an alert warning consumers of fake jobs and hiring scams targeting applicants’ personally identifiable information (PII). Cyber criminals posing as legitimate employers spoof company websites and post fake job openings to lure victims. Cyber criminals will conduct fake interviews and even offer positions to victims before requesting PII such as Social Security numbers and bank account information. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the IC3 Alert and CISA’s Tips on Avoiding Social Engineering and Phishing Attacks and Website Security for more information. If you believe you are a victim of cybercrime, file a complaint with IC3 at www.ic3.gov. This product is provided subject to this Notification and this Privacy & Use policy.
Reminder: Safeguard Websites from Cyberattacks
Jan 21, 2020
Original release date: January 21, 2020Protect personal and organizational public-facing websites from defacement, data breaches, and other types of cyberattacks by following cybersecurity best practices. The Cybersecurity and Information Security Agency (CISA) encourages users and administrators to review CISA’s updated Tip on Website Security and take the necessary steps to protect against website attacks. For more information, review: CISA Insight: Enhance Email and Web Security, National Institute of Standards and Technology (NIST) Special Publication (SP) 800-44: Guidelines on Securing Public Web Servers, and NIST SP 800-95: Guide to Secure Web Services. This product is provided subject to this Notification and this Privacy & Use policy.
Samba Releases Security Updates
Jan 21, 2020
Original release date: January 21, 2020The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Samba Security Announcements for CVE-2019-14902, CVE-2019-14907, and CVE-2019-19344 and apply the necessary updates and workarounds. This product is provided subject to this Notification and this Privacy & Use policy.
Citrix Adds SD-WAN WANOP, Updated Mitigations to CVE-2019-19781 Advisory
Jan 17, 2020
Original release date: January 17, 2020Citrix has released an article with updates on CVE-2019-19781, a vulnerability affecting Citrix Application Delivery Controller (ADC) and Citrix Gateway. This vulnerability also affects Citrix SD-WAN WANOP product versions 10.2.6 and version 11.0.3. The article includes updated mitigations for Citrix ADC and Citrix Gateway Release 12.1 build 50.28. An attacker could exploit CVE-2019-19781 to take control of an affected system. Citrix plans to begin releasing security updates for affected software starting January 20, 2020. The Cybersecurity and Infrastructure Security Agency (CISA) recommends users and administrators: Review the Citrix article on updates on Citrix ADC, Citrix Gateway vulnerability, published January 17, 2020; See Citrix Security Bulletin CTX267027 – Vulnerability in Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance; Apply the recommended mitigations in CTX267679 – Mitigation Steps for CVE-2019-19781; and Verify the successful application of the above mitigations by using the tool in CTX269180 – CVE-2019-19781 – Verification ToolTest. This product is provided subject to this Notification and this Privacy & Use policy.
Microsoft Releases Security Advisory on Internet Explorer Vulnerability
Jan 17, 2020
Original release date: January 17, 2020Microsoft has released a security advisory to address a critical vulnerability in Internet Explorer. A remote attacker could exploit this vulnerability to take control of an affected system. According to the advisory, “Microsoft is aware of limited targeted attacks.” The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s Advisory ADV20001 and CERT/CC's Vulnerability Note VU#338824 for more information, implement workarounds, and apply updates when available. Consider using Microsoft Edge or an alternate browser until patches are made available. This product is provided subject to this Notification and this Privacy & Use policy.
Google Releases Security Updates for Chrome
Jan 17, 2020
Original release date: January 17, 2020Google has released Chrome version 79.0.3945.130 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Oracle Releases January 2020 Security Bulletin
Jan 14, 2020
Original release date: January 14, 2020Oracle has released its Critical Patch Update for January 2020 containing 334 new security patches to address vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Oracle January 2020 Critical Patch Update and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
