US CERT Current Activity

A regularly updated summary of the most frequent, high-impact security incidents currently being reported to the US-CERT.

Mozilla Releases Security Updates for Thunderbird and Firefox

Dec 13, 2022

Original release date: December 13, 2022

Mozilla has released security updates to address vulnerabilities in Thunderbird, Firefox ESR, and Firefox. An attacker could exploit these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review Mozilla’s security advisories for Thunderbird 102.6, Firefox ESR 102.6, and Firefox 108 for more information and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

VMware Releases Security Updates for Multiple products

Dec 13, 2022

Original release date: December 13, 2022

VMware has released security updates to address multiple vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review VMware Security Advisories VMSA-2022-0031 and VMSA-2022-0033 and apply the necessary updates.

CISA Adds Five Known Exploited Vulnerabilities to Catalog

Dec 13, 2022

Original release date: December 13, 2022

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose a significant risk to the federal enterprise. Note: To view newly added vulnerabilities in the catalog, click on the arrow in the "Date Added to Catalog" column, which will sort by descending dates.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known CVEs that carry significant risk to the federal enterprise. BOD 22-01 requires FCEB agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the Catalog that meet the specified criteria.

NSA, CISA, and ODNI Release Guidance on Potential Threats to 5G Network Slicing

Dec 13, 2022

Original release date: December 13, 2022

Today, the National Security Agency (NSA), CISA, and the Office of the Director of National Intelligence (ODNI), published Potential Threats to 5G Network Slicing. This guidance—created by the Enduring Security Framework (ESF), a public-private cross-sector working group led by the NSA and CISA—presents both the benefits and risks associated with 5G network slicing. It also provides mitigation strategies that address potential threats to 5G network slicing. The guidance builds upon ESF’s Potential Threat Vectors to 5G Infrastructure, published in 2021.

CISA encourages 5G providers, integrators, and network operators to review this guidance and implement the recommended mitigations. For additional 5G guidance, visit CISA.gov/5G-library.

CISA Releases Three Industrial Control Systems Advisories

Dec 13, 2022

Original release date: December 13, 2022

CISA has released three (3) Industrial Control Systems (ICS) advisories on December 13, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations:

• ICSA-22-347-01 ICONICS and Mitsubishi Electric Products
• ICSA-22-347-02 Schneider Electric APC Easy UPS Online
• ICSA-22-347-03 Contec CONPROSSYS HMI System (CHS)

Fortinet Releases Security Updates for FortiOS

Dec 12, 2022

Original release date: December 12, 2022

Fortinet has released security updates to address a heap-based buffer overflow vulnerability (CVE-2022-42475) in FortiOS. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability has been exploited in the wild.

CISA encourages users and administrators to review Fortinet security advisory FG-IR-22-368, apply the necessary updates, and validate systems against the IOCs listed in the advisory.

Cisco Releases Security Advisory for IP Phone 7800 and 8800 Series

Dec 9, 2022

Original release date: December 9, 2022

Cisco released a security advisory for a vulnerability affecting IP Phone 7800 and 8800 Series. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. For more information, see the Cisco Security Advisories page.

CISA encourages users and administrators to review Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol Stack Overflow Vulnerability and apply the necessary updates.

CISA Releases Phishing Infographic

Dec 8, 2022

Original release date: December 8, 2022

Today, CISA published a Phishing Infographic to help protect both organizations and individuals from successful phishing operations. This infographic provides a visual summary of how threat actors execute successful phishing operations. Details include metrics that compare the likelihood of certain types of “bait” and how commonly each bait type succeeds in tricking the targeted individual. The infographic also provides detailed actions organizations and individuals can take to prevent successful phishing operations—from blocking phishing attempts to teaching individuals how to report successful phishing operations.

CISA Releases Three Industrial Control Advisories

Dec 8, 2022

Original release date: December 8, 2022

CISA has released three (3) Industrial Control Systems (ICS) advisories on 08 December 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations:

• ICSA-22-342-01 Advantech iView
• ICSA-22-342-02 AVEVA InTouch Access Anywhere
• ICSA-22-342-03 Rockwell Automation Logix Controllers

CISA Adds One Known Exploited Vulnerability to Catalog

Dec 5, 2022

Original release date: December 5, 2022

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risk to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the "Date Added to Catalog" column, which will sort by descending dates.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known CVEs that carry significant risk to the federal enterprise. BOD 22-01 requires FCEB agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the Catalog that meet the specified criteria.

#StopRansomware: Cuba Ransomware 

Dec 1, 2022

Original release date: December 1, 2022

Today, the Federal Bureau of Investigation (FBI) and CISA released a joint Cybersecurity Advisory (CSA) #StopRansomware: Cuba Ransomware to provide network defenders tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Cuba ransomware. FBI investigations identified these TTPs and IOCs as recently as August 2022. This CSA updates the December 2021 FBI Flash: Indicators of Compromise Associated with Cuba Ransomware.

Key updates include:

• FBI has identified a sharp increase in both the number of compromised U.S. entities and the ransom amounts demanded by Cuba ransomware actors.
• Since spring 2022, Cuba ransomware actors have expanded their TTPs.
• Third-party and open-source reports have identified a possible link between Cuba ransomware actors, RomCom Remote Access Trojan (RAT) actors, and Industrial Spy ransomware actors.

FBI and CISA encourage network defenders to review the joint CSA and to apply the included mitigations. See StopRansomware.gov for additional guidance on ransomware protection, detection, and response.

CISA Releases Three Industrial Control Systems Advisories

Dec 1, 2022

Original release date: December 1, 2022

CISA has released three (3) Industrial Control Systems (ICS) advisories on December 1, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations:

• ICSMA-22-335-01 BD BodyGuard Pumps
• ICSA-22-335-01 MELSEC iQ-R Series
• ICSA-22-335-02 Horner Automation Remote Compact Controller

CISA Releases Seven Industrial Control Systems Advisories

Nov 29, 2022

Original release date: November 29, 2022

CISA released seven (7) Industrial Control Systems (ICS) advisories on November 29, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations:

• ICSA-22-333-01 Mitsubishi Electric GOT2000
• ICSA-22-333-02 Hitachi Energy’s IED Connectivity Packages and PCM600 Products
• ICSA-22-333-03 Hitachi Energy’s MicroSCADA ProX SYS600 Products
• ICSA-22-333-04 Moxa UC Series
• ICSA-22-333-05 Mitsubishi Electric FA Engineering Software
• ICSA-21-334-02 Mitsubishi MELSEC and MELIPC Series (Update E)
• ICSA-19-346-02 Omron PLC CJ and CS Series (Update A)

CISA Adds Two Known Exploited Vulnerabilities to Catalog

Nov 28, 2022

Original release date: November 28, 2022

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the "Date Added to Catalog" column, which will sort by descending dates.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known CVEs that carry significant risk to the federal enterprise. BOD 22-01 requires FCEB agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the Catalog that meet the specified criteria.

CISA Releases Eight Industrial Control Systems Advisories

Nov 22, 2022

Original release date: November 22, 2022

CISA has released eight (8) Industrial Control Systems (ICS) advisories on 22 November 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations:

• ICSA-22-326-01 AVEVA Edge
• ICSA-22-326-02 Digital Alert Systems DASDEC
• ICSA-22-326-03 Phoenix Contact Automation Worx
• ICSA-22-326-04 GE Cimplicity
• ICSA-22-326-05 Moxa Multiple ARM-Based Computers
• ICSMA-21-152-01 Hillrom Medical Device Management (Update C)
• ICSA-20-212-04 Mitsubishi Electric Factory Automation Engineering Products (Update I)
• ICSA-21-049-02 Mitsubishi Electric FA Engineering Software Products (Update G)

CISA, NSA, and ODNI Release Guidance for Customers on Securing the Software Supply Chain 

Nov 17, 2022

Original release date: November 17, 2022

Today, CISA, the National Security Agency (NSA), and the Office of the Director of National Intelligence (ODNI), published the third of a three-part series on securing the software supply chain: Securing Software Supply Chain Series - Recommended Practices Guide for Customers. This publication follows the August 2022 release of guidance for developers and October 2022 release of guidance for suppliers.

The guidance released today, along with its accompanying fact sheet, provides recommended practices for software customers to ensure the integrity and security of software during the procuring and deployment phases.

The Securing Software Supply Chain Series is an output of the Enduring Security Framework (ESF), a public-private cross-sector working group led by NSA and CISA. This series complements other U.S. government efforts underway to help the software ecosystem secure the supply chain, such as the software bill of materials (SBOM) community.

CISA encourages all organizations that participate in the software supply chain to review the guidance. See CISA’s Information and Communications Technology (ICT) Supply Chain Risk Management Task Force, ICT Supply Chain Resource Library, and National Risk Management Center (NRMC) webpages for additional guidance.

#StopRansomware: Hive

Nov 17, 2022

Original release date: November 17, 2022

Today, CISA, the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) released joint Cybersecurity Advisory (CSA) #StopRansomware: Hive Ransomware to provide network defenders tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Hive ransomware variants. FBI investigations identified these TTPs and IOCs as recently as November 2022.

Hive ransomware has targeted a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and—especially—Healthcare and Public Health (HPH).

CISA encourages network defenders to review the CSA and to apply the included mitigations. See StopRansomware.gov for additional guidance on ransomware protection, detection, and response.

CISA Releases Two Industrial Control Systems Advisories

Nov 17, 2022

Original release date: November 17, 2022

CISA has released two (2) Industrial Control Systems (ICS) advisories on November 17, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations:

• ICSA-22-321-01 Red Lion Crimson
• ICSA-22-321-02 Cradlepoint IBR600

Cisco Releases Security Updates for Identity Services Engine

Nov 16, 2022

Original release date: November 16, 2022

Cisco has released security updates for vulnerabilities affecting Cisco Identity Services Engine (ISE). A remote attacker could exploit some of these vulnerabilities to bypass authorization and access system files. For updates addressing vulnerabilities, see the Cisco Security Advisories page.

CISA encourages users and administrators to review the following advisories and apply the necessary updates:

• Cisco Identity Services Engine Insufficient Access Control Vulnerability
• Cisco Identity Services Engine Cross-Site Scripting Vulnerability

Samba Releases Security Updates

Nov 16, 2022

Original release date: November 16, 2022

The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review Samba security announcement CVE-2022-42898 and apply the necessary updates.
