US CERT Current Activity

A regularly updated summary of the most frequent, high-impact security incidents currently being reported to the US-CERT.

CISA Releases Four New Insights Products

Sep 20, 2019

Original release date: September 20, 2019

The Cybersecurity and Infrastructure Security Agency (CISA) has released four new CISA Insights products informed by U.S. intelligence and real-world events. Each of the following products provides a description of the threat, lessons learned, recommendations, and additional relevant resources:

- Mitigate DNS Infrastructure Tampering
- Remediate Vulnerabilities for Internet-Accessible Systems
- Secure High Value Assets
- Enhance Email and Web Security

CISA urges organizations to review the updated CISA Insights page and implement the recommendations. This product is provided subject to this Notification and this Privacy & Use policy.


Google Releases Security Updates for Chrome

Sep 19, 2019

Original release date: September 19, 2019

Google has released Chrome 77.0.3865.90 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker can exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.


VMware Releases Security Updates for Multiple Products

Sep 17, 2019

Original release date: September 17, 2019

VMware has released security updates to address vulnerabilities in ESXi and vCenter. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisory VMSA-2019-0013 and apply the necessary updates and workarounds.


2019 CWE Top 25 Most Dangerous Software Errors

Sep 17, 2019

Original release date: September 17, 2019

MITRE has released the 2019 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Errors list. The Top 25 is a compilation of the most frequent and critical errors that can lead to serious vulnerabilities in software. An attacker can often exploit these vulnerabilities to take control of an affected system, obtain sensitive information, or cause a denial-of-service condition. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Top 25 list and evaluate recommended mitigations to determine those most suitable to adopt.


Intel Releases Security Updates

Sep 10, 2019

Original release date: September 10, 2019

Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit one of these vulnerabilities to gain an escalation of privileges on a previously infected machine. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Intel's Security Advisories INTEL-SA-00290 and INTEL-SA-00285 and apply the necessary updates.


Google Releases Security Updates for Chrome

Sep 10, 2019

Original release date: September 10, 2019

Google has released Chrome version 77.0.3865.75 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.


MS-ISAC Releases Security Event Primer on Malware

Sep 10, 2019

Original release date: September 10, 2019

The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released a Security Event Primer on Malware. The white paper outlines general malware operations and includes common malware event types and best practice recommendations. An attacker can use malware to gain access to a network, obtain sensitive data, and damage systems. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review MS-ISAC’s White Paper: Security Event Primer – Malware, see CISA’s Tip on Protecting Against Malicious Code, and implement the recommended best practices.


Microsoft Releases September 2019 Security Updates

Sep 10, 2019

Original release date: September 10, 2019

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s September 2019 Security Update Summary and Deployment Information and apply the necessary updates.


Adobe Releases Security Updates

Sep 10, 2019

Original release date: September 10, 2019

Adobe has released security updates to address vulnerabilities affecting Flash Player and Application Manager. An attacker could exploit these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Adobe Security Bulletins APSB19-45 and APSB19-46 and apply the necessary updates.


North Korean Malicious Cyber Activity

Sep 9, 2019

Original release date: September 9, 2019

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have identified two malware variants—referred to as ELECTRICFISH and BADCALL—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. CISA encourages users and administrators to review the HIDDEN COBRA - North Korean Malicious Cyber Activity page, which contains links to Malware Analysis Reports MAR-10135536-21 and MAR-10135536-10, for more information.


FBI Safe Online Surfing Challenge

Sep 9, 2019

Original release date: September 9, 2019

The Federal Bureau of Investigation (FBI) has launched the Safe Online Surfing (SOS) Challenge, encouraging educators to promote web literacy and safety for students during the 2019-20 school year. FBI developed the program to educate children on how to navigate the web securely using activities that correspond with specific grade levels. Public, private, and home schools with at least five students are eligible to participate in the online challenge. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users to review the FBI SOS Challenge Announcement and the CISA Tip Keeping Children Safe Online.


U.S. Cyber Command Shares 11 New Malware Samples

Sep 8, 2019

Original release date: September 8, 2019

U.S. Cyber Command has released 11 malware samples to the malware aggregation tool and repository, VirusTotal. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review U.S. Cyber Command’s VirusTotal page to view the samples. CISA also recommends users and administrators review the CISA Tip on Protecting Against Malicious Code for best practices on protecting systems and networks against malware.


Exim Releases Security Patches

Sep 6, 2019

Original release date: September 6, 2019

Exim has released patches to address vulnerabilities affecting Exim 4.92.1 and prior versions. A remote attacker could exploit this vulnerability to take control of an affected email server. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Exim CVE-2019-15846 page and upgrade to Exim 4.92.2 or apply the necessary patches.


Ransomware Protection Strategies

Sep 6, 2019

Original release date: September 6, 2019

The Cybersecurity and Infrastructure Security Agency (CISA) has observed an increase in ransomware attacks across the Nation. Helping organizations protect themselves from ransomware is a chief priority for CISA. Organizations are encouraged to review the following resources to help prevent, mitigate, and recover against ransomware:

- CISA Insights: Ransomware Outbreak
- CISA resource page on ransomware
- FireEye blog and report on ransomware protection and containment strategies

Victims of ransomware should report it immediately to CISA, a local FBI Field Office, or a Secret Service Field Office.


WordPress Releases Security Update

Sep 6, 2019

Original release date: September 6, 2019

WordPress 5.2.2 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected website. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the WordPress Security and Maintenance Release and upgrade to WordPress 5.2.3.


MS-ISAC Releases Advisory on PHP Vulnerabilities

Sep 5, 2019

Original release date: September 5, 2019

The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released an advisory on multiple Hypertext Preprocessor (PHP) vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review MS-ISAC Advisory 2019-087 and the PHP Downloads page and apply the necessary updates.


FBI Releases Article on Think Before You Post Campaign

Sep 5, 2019

Original release date: September 5, 2019

The Federal Bureau of Investigation (FBI) has released an article on their Think Before You Post campaign, designed to educate students on the use of social media and how to avoid making poor choices when posting, texting, or emailing thoughts or grievances that could lead to disruptive behavior, including threats. The FBI article stresses that this type of online behavior could result in serious consequences to the individual as well as the community. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users to review the FBI article for information about the Think Before You Post campaign. CISA also recommends users review the CISA Tip Identifying Hoaxes and Urban Legends for information on the potential dangers of viral emails. CISA encourages users to report suspicious activity to their local FBI field office and to FBI CyWatch at cywatch@fbi.gov.


Cisco Releases Security Updates

Sep 5, 2019

Original release date: September 5, 2019

Cisco has released security updates to address vulnerabilities affecting Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco Advisories and apply the necessary updates:

- Webex Teams Logging Feature Command Execution Vulnerability cisco-sa-20190904-webex-teams
- Industrial Network Director Configuration Data Information Disclosure Vulnerability cisco-sa-20190904-ind
- Unified Contact Center Express Request Processing Server-Side Request Forgery Vulnerability cisco-sa-20190904-unified-ccx-ssrf
- Content Security Management Appliance Information Disclosure Vulnerability cisco-sa-20190904-sma-info-dis
- Jabber Client Framework for Mac Code Execution Vulnerability cisco-sa-20190904-jcf-codx
- Identity Services Engine Cross-Site Scripting Vulnerability cisco-sa-20190904-ise-xss
- Finesse Request Processing Server-Side Request Forgery Vulnerability cisco-sa-20190904-finesse-ssrf


Samba Releases Security Updates

Sep 4, 2019

Original release date: September 4, 2019

The Samba Team has released security updates to address a vulnerability in all versions of Samba from 4.9.0 onward. An attacker could exploit this vulnerability to obtain sensitive information. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Samba Security Announcement for CVE-2019-10197 and apply the necessary updates and workarounds.


NCSC Releases UK Cyber Incident Trends Report

Sep 4, 2019

Original release date: September 4, 2019

The United Kingdom (UK) National Cyber Security Centre (NCSC) has released a report detailing cyber incident trends in the UK from October 2018 to April 2019. The report provides technical guidance on how to defend against, and recover from, the following cyber threats: ransomware, phishing, vulnerability scanning, and attacks targeting supply chain and Office 365 cloud services. The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to review the NCSC report and the following CISA resources for more information on improving cybersecurity posture:

- Ransomware page
- Avoiding Social Engineering and Phishing Attacks
- Securing Network Infrastructure Devices
- APTs Targeting IT Service Provider Customers
- Microsoft Office 365 Security Observations

