US CERT Current Activity

Subscribe to US CERT Current Activity feed
A regularly updated summary of the most frequent, high-impact security incidents currently being reported to the US-CERT.

Microsoft Addresses Windows TCP/IP RCE/DoS Vulnerability

Oct 14, 2020

Original release date: October 14, 2020Microsoft has released a security update to address a protocol vulnerability—CVE-2020-16898—in Windows Transmission Control Protocol (TCP)/IP stack handling of Internet Control Message Protocol version 6 (ICMPv6) Router Advertisement packets. A remote attacker could exploit this vulnerability to take control of an affected system or cause a denial-of-service condition.   The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s Security Advisory for more information, and apply the necessary updates or workaround.   This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Adobe Releases Security Updates for Flash Player

Oct 14, 2020

Original release date: October 14, 2020Adobe has released security updates to address a vulnerability affecting Flash Player. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Adobe Security Bulletin APSB20-58 and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Apache Releases Security Updates for Apache Tomcat

Oct 14, 2020

Original release date: October 14, 2020The Apache Software Foundation has released a security advisory to address a vulnerability in Apache Tomcat. An attacker could exploit this vulnerability to obtain sensitive information.  The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Apache Security Advisory for CVE-2020-13943 and upgrade to the appropriate version. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Microsoft Releases October 2020 Security Updates

Oct 13, 2020

Original release date: October 13, 2020Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s October 2020 Security Update Summary and Deployment Information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

SAP Releases October 2020 Security Updates

Oct 13, 2020

Original release date: October 13, 2020SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. This includes an OS command injection vulnerability (CVE-2020-6364) affecting SAP Solution Manager and SAP Focused Run.   The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the SAP Security Notes for October 2020 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

CISA and FBI Release Joint Advisory Regarding APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations

Oct 9, 2020

Original release date: October 9, 2020The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a joint cybersecurity advisory regarding advanced persistent threat (APT) actors chaining vulnerabilities—a commonly used tactic exploiting multiple vulnerabilities in the course of a single intrusion—in an attempt to compromise federal and state, local, tribal, and territorial (SLTT) government networks, critical infrastructure, and elections organizations. CISA is aware of some instances where this activity resulted in unauthorized access to elections support systems; however, CISA has no evidence to date that integrity of elections data has been compromised. The joint cybersecurity advisory contains information on exploited vulnerabilities and recommended mitigation actions for affected organizations to pursue. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

QNAP Releases Security Updates for QNAP Helpdesk

Oct 8, 2020

Original release date: October 8, 2020QNAP Systems has released security updates to address vulnerabilities in QNAP Helpdesk. An attacker could exploit these vulnerabilities to take control of an affected QNAP network-attached storage (NAS) device. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review QNAP Security Advisory QSA-20-08 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Cisco Releases Security Updates

Oct 8, 2020

Original release date: October 8, 2020Cisco has released security updates to address vulnerabilities in Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities see the Cisco Security Advisories page. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco Advisories and apply the necessary updates: Video Surveillance 8000 Series IP Cameras Cisco Protocol Remote Code Execution and Denial of Service cisco-sa-cdp-rcedos-mAHR8vNx Identity Services Engine Authorization Bypass Vulnerability cisco-sa-ise-auth-bypass-uJWqLTZM Webex Teams Client for Windows DLL Hijacking Vulnerability cisco-sa-webex-teams-dll-drsnH5AN This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Google Releases Security Updates for Chrome

Oct 7, 2020

Original release date: October 7, 2020Google has released Chrome version 86.0.4240.75 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary changes.   This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

CISA Releases FY2019 Risk Vulnerability Assessment Infographic

Oct 7, 2020

Original release date: October 7, 2020The Cybersecurity and Information Security Agency (CISA) has released an infographic mapping analysis of 44 of its Risk and Vulnerability Assessments (RVAs) conducted in Fiscal Year 2019 to the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) Framework. The infographic identifies routinely successful attack paths CISA observed during RVAs conducted across multiple sectors. Cyber attackers can use these attack paths to compromise organizations. CISA encourages network administrators and IT professionals to review the infographic and apply the recommended defensive strategies to protect against the observed tactics and techniques. Review CISA’s Cyber Essentials for more information on where to start implementing organizational cybersecurity practices. For information on CISA RVAs and requesting additional services, visit CISA’s National Cybersecurity Assessment and Technical Services page.   This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Department of Treasury Releases Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments

Oct 2, 2020

Original release date: October 2, 2020The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has released an [Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments]. Financial institutions, cyber insurance firms, and companies that facilitate payments on behalf of victims may be violating OFAC regulations. CISA encourages organizations to review the OFAC Advisory for more information. See CISA’s Ransomware page for how to report and protect against ransomware attacks. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

CISA and CNMF Identify a New Malware Variant

Oct 1, 2020

Original release date: October 1, 2020The Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Defense (DOD) Cyber National Mission Force (CNMF) have identified a malware variant—referred to as SLOTHFULMEDIA—used by a sophisticated cyber actor. In addition, U.S. Cyber Command has released the malware sample to the malware aggregation tool and repository, VirusTotal. CISA encourages users and administrators to review Malware Analysis Report MAR-10303705-1.v1 and U.S. Cyber Command’s VirusTotal page for more information. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

October is National Cybersecurity Awareness Month

Oct 1, 2020

Original release date: October 1, 2020October is National Cybersecurity Awareness Month (NCSAM), which is a collaborative effort between the Cybersecurity and Infrastructure Security Agency (CISA) and its public and private partners—including the National Cyber Security Alliance—to ensure every American has the resources they need to stay safe and secure online. This year’s theme, “Do your Part. #BeCyberSmart.,” encourages individuals and organizations to take proactive steps to enhance cybersecurity and protect their part of cyberspace. CISA encourages individuals and organizations to review the NCSAM 2020 page for ways to participate in and promote NCSAM. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

CISA and MS-ISAC Release Ransomware Guide

Sep 30, 2020

Original release date: September 30, 2020The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) have released a joint Ransomware Guide that details practices that organizations should continuously engage in to help manage the risk posed by ransomware and other cyber threats. The in-depth guide provides actionable best practices for ransomware prevention as well as a ransomware response checklist that can serve as a ransomware-specific addendum to organization cyber incident response plans. CISA encourages users and administrators to review the Ransomware Guide and CISA’s Ransomware webpage for additional information. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

CISA Releases Telework Essentials Toolkit

Sep 30, 2020

Original release date: September 30, 2020The Cybersecurity and Infrastructure Security Agency (CISA) has released the Telework Essentials Toolkit, a comprehensive resource of telework best practices. The Toolkit provides three personalized modules for executive leaders, IT professionals, and teleworkers. Each module outlines distinctive security considerations appropriate for their role: Actions for executive leaders that drive cybersecurity strategy, investment and culture Actions for IT professionals that develop security awareness and vigilance Actions for teleworkers to develop their home network security awareness and vigilance CISA encourages users and administrators to review the Telework Essentials Toolkit and the CISA Telework page for more information. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Cisco Releases Security Updates for Multiple Products

Sep 25, 2020

Original release date: September 25, 2020Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco security page and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Apple Releases Security Updates

Sep 25, 2020

Original release date: September 25, 2020Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates: iCloud for Windows 11.4 macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Unpatched Domain Controllers Remain Vulnerable to Netlogon Vulnerability, CVE-2020-1472

Sep 24, 2020

Original release date: September 24, 2020The Cybersecurity and Infrastructure Security Agency (CISA) is aware of active exploitation of CVE-2020-1472, an elevation of privilege vulnerability in Microsoft’s Netlogon. A remote attacker can exploit this vulnerability to breach unpatched Active Directory domain controllers and obtain domain administrator access. Applying patches from Microsoft’s August 2020 Security Advisory for CVE-2020-1472 can prevent exploitation of this vulnerability. CISA has released a patch validation script to detect unpatched Microsoft domain controllers. CISA urges administrators to patch all domain controllers immediately—until every domain controller is updated, the entire infrastructure remains vulnerable. Review the following resources for more information: CISA Patch Validation Script CISA Emergency Directive 20-04: Mitigate Netlogon Elevation of Privilege Vulnerability from August 2020 Patch Tuesday CERT/CC Vulnerability Note VU#490028 Microsoft Security Vulnerability Information for CVE-2020-1472 Microsoft’s guidance on How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Mozilla Releases Security Updates for Firefox and Firefox ESR

Sep 22, 2020

Original release date: September 22, 2020Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisories for Firefox 81 and Firefox ESR 78.3 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Mozilla Releases Security Updates for Firefox and Firefox ESR

Sep 22, 2020

Original release date: September 22, 2020Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisories for Firefox 81 and Firefox ESR 78.3 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Pages

Related Content

Best Practices

10 Best Pactices

Our 10 Best Pactices

Contact Us

Contact Information Security at 756-7000

Contacts

Did you know?

Stay Safe Online Tips