US CERT Current Activity

Subscribe to US CERT Current Activity feed
A regularly updated summary of the most frequent, high-impact security incidents currently being reported to the US-CERT.

WordPress Releases Security Update

Dec 13, 2018

Original release date: December 13, 2018 WordPress 5.0 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected system.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Agency (CISA), encourages users and administrators to review the WordPress Security Release and upgrade to WordPress 5.0.1. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Google Releases Security Updates for Chrome

Dec 12, 2018

Original release date: December 12, 2018 Google has released Chrome Version 71.0.3578.98 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Chrome Releases page and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Microsoft Releases December 2018 Security Updates

Dec 11, 2018

Original release date: December 11, 2018 Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker could exploit some of these vulnerabilities to obtain access to sensitive information.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review Microsoft’s December 2018 Security Update Summary and Deployment Information and apply the necessary updates.  This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Mozilla Releases Security Updates for Firefox

Dec 11, 2018

Original release date: December 11, 2018 Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC encourages users and administrators to review the Mozilla Security Advisories for Firefox 64 and Firefox ESR 60.4 and apply the necessary updates.  This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Adobe Releases Security Updates

Dec 11, 2018

Original release date: December 11, 2018 Adobe has released security updates to address vulnerabilities in Adobe Acrobat and Reader. An attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC encourages users and administrators to review Adobe Security Bulletin APSB18-41 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Adobe Releases Security Updates

Dec 6, 2018

Original release date: December 06, 2018 Adobe has released security updates to address vulnerabilities in Adobe Flash Player and Adobe Flash Player installer. An attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC encourages users and administrators to review Adobe Security Bulletin APSB18-42 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Apple Releases Multiple Security Updates

Dec 5, 2018

Original release date: December 05, 2018 Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates:iCloud for Windows 7.9Safari 12.0.2iTunes 12.9.2 for WindowsmacOS Mojave 10.14.2, Security Update  2018-003 High Sierra, Security Update 2018-006 SierratvOS 12.1.1iOS 12.1.1 This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Google Releases Security Updates for Chrome

Dec 4, 2018

Original release date: December 04, 2018 Google has released Chrome version 71.0.3578.80 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker could exploit to take control of an affected system.NCCIC encourages users and administrators to review the Chrome Releases page and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

FTC Issues Alert on Recent Marriott Breach

Dec 4, 2018

Original release date: December 04, 2018 The Federal Trade Commission (FTC) has released an alert to provide affected users with recommended precautions against identity theft after the recent breach of the Marriott International Starwood guest reservation database.NCCIC encourages users and administrators to review the FTC Alert and the NCCIC Tip on Preventing and Responding to Identity Theft. If you believe you are a victim of identity theft, visit the FTC’s identity theft website to make a report. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

SamSam Ransomware

Dec 3, 2018

Original release date: December 03, 2018 The Department of Homeland Security and the Federal Bureau of Investigation have identified cyber threat actors using SamSam ransomware—also known as MSIL/SAMAS.A—to target industries in the United States and worldwide.NCCIC encourages users and administrators to review Alert AA18-337A: SamSam Ransomware and Malware Analysis Reports AR18-337A, AR18-337B, AR18-337C, and AR18-337D for more information. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Protecting Against Identity Theft

Nov 29, 2018

Original release date: November 29, 2018 As the holidays draw near, many consumers turn to the internet to shop for goods and services. Although online shopping can offer convenience and save time, shoppers should be cautious online and protect personal information against identity theft. Identity thieves steal personal information, such as a credit card, and run up bills in the victim’s name.The Cybersecurity and Infrastructure Security Agency (CISA) encourages consumers to review the following tips to help reduce the risk of falling prey to identity theft:Preventing and Responding to Identity TheftShopping Safely OnlineAvoiding Social Engineering and Phishing AttacksIf you believe you are a victim of identity theft, visit the FTC’s identity theft website to file a report and create a personal recovery plan. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Cisco Releases Security Update

Nov 28, 2018

Original release date: November 28, 2018 Cisco has released a security update to address a vulnerability in Cisco Prime License Manager. A remote attacker could exploit this vulnerability to obtain sensitive information.NCCIC encourages users and administrators to review the Cisco Security Advisory and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

3ve – Fraudulent Online Advertising

Nov 27, 2018

Original release date: November 27, 2018 The Department of Homeland Security and the Federal Bureau of Investigation have released a joint Technical Alert (TA) on a major online ad fraud operation—referred to by the U.S. Government as "3ve."NCCIC encourages users and administrators to review Alert TA18-331A: 3ve – Major Online Ad Fraud Operation for more information. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Samba Releases Security Updates

Nov 27, 2018

Original release date: November 27, 2018 The Samba Team has released security updates to address several vulnerabilities in Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system.NCCIC encourages users and administrators to review the Samba Security Announcements for CVE-2018-14629, CVE-2018-16841, CVE-2018-16851, CVE-2018-16852, CVE-2018-16853, and CVE-2018-16857 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

VMware Releases Security Updates

Nov 22, 2018

Original release date: November 22, 2018 VMware has released security updates to address a vulnerability in Workstation and Fusion. An attacker could exploit this vulnerability to take control of an affected system.NCCIC encourages users and administrators to review VMware Security Advisory VMSA-2018-0030 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Securing Mobile Devices During Holiday Travel

Nov 20, 2018

Original release date: November 20, 2018 As the holiday season begins, many people will travel with their mobile devices. Although these devices—such as smart phones, tablets, and laptops—offer a range of conveniences, users should be mindful of potential threats and vulnerabilities while traveling with them.NCCIC encourages users to review the NCCIC Tips on Holiday Traveling with Personal Internet-Enabled Devices and Cybersecurity for Electronic Devices. The suggested security practices in these tips will help travelers secure their portable devices during the holiday season and throughout the year. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

VMware Releases Security Updates

Nov 20, 2018

Original release date: November 20, 2018 VMware has released security updates to address vulnerabilities in vSphere Data Protection. An attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC encourages users and administrators to review the VMware Security Advisory VMSA-2018-0029 and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Adobe Releases Security Updates

Nov 20, 2018

Original release date: November 20, 2018 Adobe has released security updates to address a vulnerability in Adobe Flash Player. An attacker could exploit this vulnerability to take control of an affected system.  NCCIC encourages users and administrators to review Adobe Security Bulletin APSB18-44 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Holiday Scams and Malware Campaigns

Nov 19, 2018

Original release date: November 19, 2018 As the holidays approach, NCCIC reminds users to be aware of seasonal scams and malware campaigns. Users should be cautious of unsolicited emails that contain malicious links or attachments with malware, advertisements infected with malware, and requests for donations from fraudulent charitable organizations, which could result in security breaches, identify theft, or financial loss.NCCIC recommends the following actions:Use caution when browsing the internet, shopping online, and using email.Avoid clicking on links or opening attachments in unsolicited emails. See Avoiding Social Engineering and Phishing Attacks for more information.Be wary of fraudulent social media pleas, calls, texts, websites, and door-to-door solicitations for donations to charities. See How to Donate Wisely and Avoid Charity Scams for more information.If you believe you are a victim of a scam or malware campaign, consider the following actions:Contact your financial institution immediately, and close any accounts that may have been compromised. Watch for any unexplainable charges to your account. See Preventing and Responding to Identity Theft for more information.Immediately change any passwords you might have revealed. Avoid reusing passwords. See Choosing and Protecting Passwords for more information.Report the attack to the police, and file reports with the Federal Trade Commission and the FBI's Internet Crime Complaint Center. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Google Releases Security Updates for Chrome

Nov 19, 2018

Original release date: November 19, 2018 Google has released Chrome version 70.0.3538.110 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system.NCCIC encourages users and administrators to review the Chrome Releases page and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Pages

Related Content

Best Practices

10 Best Pactices

Our 10 Best Pactices

Contact Us

Contact Information Security at 756-7000

Contacts

Did you know?

Stay Safe Online Tips