US CERT Current Activity
Supermicro Releases Security Updates
Sep 4, 2019
Original release date: September 4, 2019Supermicro has released security updates to address vulnerabilities affecting the Baseboard Management Controller (BMC) component of Supermicro X9, X10, and X11 platforms. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to review Supermicro’s Security Advisory and Security Vulnerabilities Table and apply the necessary updates and recommended mitigations. This product is provided subject to this Notification and this Privacy & Use policy.
Mozilla Releases Security Updates for Firefox and Firefox ESR
Sep 4, 2019
Original release date: September 4, 2019Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisories for Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9. This product is provided subject to this Notification and this Privacy & Use policy.
Potential Hurricane Dorian Cyber Scams
Sep 4, 2019
Original release date: September 4, 2019The Cybersecurity and Infrastructure Security Agency (CISA) warns users to remain vigilant for malicious cyber activity targeting Hurricane Dorian disaster victims and potential donors. Fraudulent emails commonly appear after major natural disasters and often contain links or attachments that direct users to malicious websites. Users should exercise caution in handling any email with a hurricane-related subject line, attachment, or hyperlink. In addition, users should be wary of social media pleas, texts, or door-to-door solicitations relating to severe weather events. To avoid becoming victims of malicious activity, users and administrators should review the following resources and take preventative measures: Staying Alert to Disaster-related Scams Before Giving to a Charity Staying Safe on Social Networking Sites Avoiding Social Engineering and Phishing Attacks If you believe you have been a victim of cybercrime, file a complaint with the Federal Bureau of Investigation Internet Crime Complaint Center at www.ic3.gov. This product is provided subject to this Notification and this Privacy & Use policy.
Cisco Releases Security Updates for Multiple Products
Aug 29, 2019
Original release date: August 29, 2019Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco advisories and apply the necessary updates: REST API Container for IOS XE Software Authentication Bypass Vulnerability cisco-sa-20190828-iosxe-rest-auth-bypass Unified Computing System Fabric Interconnect root Privilege Escalation Vulnerability cisco-sa-20190828-ucs-privescalation NX-OS Software Remote Management Memory Leak Denial of Service Vulnerability cisco-sa-20190828-nxos-memleak-dos NX-OS Software IPv6 Denial of Service Vulnerability cisco-sa-20190828-nxos-ipv6-dos NX-OS Software Cisco Fabric Services over IP Denial of Service Vulnerability cisco-sa-20190828-nxos-fsip-dos FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability cisco-sa-20190828-fxnxos-snmp-dos NX-OS Software SNMP Access Control List Configuration Name Bypass Vulnerability cisco-sa-20190828-nxos-snmp-bypass NX-OS Software Network Time Protocol Denial of Service Vulnerability cisco-sa-20190828-nxos-ntp-dos NX-OS Software NX-API Denial of Service Vulnerability cisco-sa-20190828-nxos-api-dos Nexus 9000 Series Fabric Switches ACI Mode Border Leaf Endpoint Learning Vulnerability cisco-sa-20190828-nexus-aci-dos This product is provided subject to this Notification and this Privacy & Use policy.
September is National Preparedness Month: Be Prepared, Not Scared
Aug 28, 2019
Original release date: August 28, 2019National Preparedness Month (NPM) promotes family and community disaster and emergency planning. This year’s theme is “Prepared, Not Scared.” Although most people understand that being prepared is essential to getting through an emergency such as a natural disaster, there is less awareness about the necessity of cybersecurity preparedness. Cybersecurity preparedness is often a deciding factor on how much an impact a cyber-related event—such as a ransomware infection, identify theft, or data breach—has on an individual or an organization. The Cybersecurity and Infrastructure Security Agency (CISA) encourages individuals and organizations to develop their own cyber emergency response plans that include guidance on protections and controls such as keeping software and operating systems updated, regularly backing up files, keeping encrypted copies of important documents offline, and routinely running anti-virus scans. Learn more about National Preparedness Month at Ready.gov/September and see Ready.gov/Cybersecurity and the following CISA Tips for resources on preparing for, and responding to, unexpected cyber-related events: • Protecting Against Ransomware • Preventing and Responding to Identity Theft • Handling Destructive Malware • Protecting Against Malicious Code This product is provided subject to this Notification and this Privacy & Use policy.
Apple Releases Multiple Security Updates
Aug 27, 2019
Original release date: August 27, 2019Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates: watchOS 5.3.1 iOS 12.4.1 macOS Mojave 10.14.6 tvOS 12.4.1 This product is provided subject to this Notification and this Privacy & Use policy.
Protect Against Romance Scams
Aug 27, 2019
Original release date: August 27, 2019The Federal Trade Commission (FTC) has released a short video to help users spot and defend against romance scams. In this type of fraud, cyber criminals gain the confidence of their victims and trick them into sending money. The video includes stories that romance scammers tell to online daters to get them to send money and offers tips for avoiding these scams. Use caution when online dating, and never send money or gifts to someone you have not met in person. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users to review FTC’s article on Romance Scams and NCCIC’s tip on Staying Safe on Social Networking Sites. If you think you have been a target of a romance scam, file a report with The online dating site, The Federal Trade Commission, and The Federal Bureau of Investigation's Internet Crime Complaint Center. This product is provided subject to this Notification and this Privacy & Use policy.
Google Releases Security Updates for Chrome
Aug 27, 2019
Original release date: August 27, 2019Google has released Chrome version 76.0.3809.132 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release page and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
IRS Warns of New Email Scam
Aug 23, 2019
Original release date: August 23, 2019The Internal Revenue Service (IRS) has issued a warning about a new email scam in which malicious cyber actors send unsolicited emails to taxpayers from fake (i.e., spoofed) IRS email addresses. The emails contain a link to a spoofed IRS.gov website that displays fake details about the targeted recipient’s tax refund, return, or account. The emails instruct the recipient to access their refund information by entering a provided password on the spoofed website. By entering the password, the victim unintentionally downloads malware that could enable the malicious cyber actors to take control of the affected system or obtain sensitive information. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the IRS news release and the CISA Tip on Avoiding Social Engineering and Phishing Attacks for more information. This product is provided subject to this Notification and this Privacy & Use policy.
FISMA Annual Report to Congress
Aug 23, 2019
Original release date: August 23, 2019The Office of Management and Budget (OMB) has published its Fiscal Year (FY) 2018 Annual Report to Congress on the implementation of the Federal Information Security Modernization Act of 2014 (FISMA). The document includes data reported by agencies to OMB and the Cybersecurity and Infrastructure Security Agency (CISA). The report highlights government-wide cybersecurity programs and initiatives, and agencies’ progress to enhance federal cybersecurity over the past year and into the future. Notably, in FY 2018, agencies reported 31,107 incidents, a 12 percent decrease from FY 2017. CISA encourages organizations to review the Fiscal Year 2018 Annual Report for more information. This product is provided subject to this Notification and this Privacy & Use policy.
CISA Strategic Intent: Defend Today, Secure Tomorrow
Aug 22, 2019
Original release date: August 22, 2019The Cybersecurity and Infrastructure Security Agency (CISA) has released the CISA Strategic Intent document, framing the new agency’s mission to protect the Nation’s critical infrastructure from physical and cyber threats. The document details CISA Director Christopher Krebs’ strategic vision and operational priorities and will serve as the interim strategy as the agency develops a longer-term strategic plan. CISA encourages organizations to review the CISA Strategic Intent and the CISA website for more information. This product is provided subject to this Notification and this Privacy & Use policy.
Cisco Releases Security Updates
Aug 22, 2019
Original release date: August 22, 2019Cisco has released security updates to address vulnerabilities in Cisco Integrated Management Controller (IMC) Supervisor, Unified Computing System (UCS) Director, and UCS Director Express for Big Data. A remote attacker could exploit these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates: Authentication Bypass Vulnerability in IMC Supervisor, UCS Director, and UCS Director Express for Big Data releases cisco-sa-20190821-imcs-ucs-authby Authentication Bypass Vulnerability in IMC Supervisor, UCS Director, and UCS Director Express for Big Data releases cisco-sa-20190821-imcs-ucs-authbypass Secure Copy (SCP) User Default Credentials Vulnerability in IMC Supervisor, UCS Director, and UCS Director Express for Big Data releases cisco-sa-20190821-imcs-usercred Application Programming Interface (API) Authentication Bypass Vulnerability in UCS Director and UCS Director Express for Big Data releases cisco-sa-20190821-ucsd-authbypass This product is provided subject to this Notification and this Privacy & Use policy.
CISA Insights: Ransomware Outbreak
Aug 21, 2019
Original release date: August 21, 2019The Cybersecurity and Infrastructure Security Agency (CISA) has released its first CISA Insights product, which discusses the rapid emergence of ransomware across our Nation’s networks. CISA Insights – Ransomware Outbreak includes steps in the following key areas to help organizations protect themselves from ransomware attacks—a top priority for CISA: Actions for Today – Make Sure You’re Not Tomorrow’s Headline Actions to Recover If Impacted – Don’t Let a Bad Day Get Worse Actions to Secure Your Environment Going Forward – Don’t Let Yourself be an Easy Mark CISA urges organizations to review CISA Insights – Ransomware Outbreak, implement the recommendations, and visit the CISA resource page on ransomware for more information. This product is provided subject to this Notification and this Privacy & Use policy.
Cyber Safety for Students
Aug 20, 2019
Original release date: August 20, 2019As summer break ends, many students will return to school with mobile devices, such as smart phones, tablets, and laptops. Although these devices can help students complete schoolwork and stay in touch with family and friends, there are risks associated with using them. However, there are simple steps that can help students stay safe while using their internet-connected devices. The Cybersecurity and Infrastructure Security Agency (CISA) recommends reviewing the following resources for more information on cyber safety for students: Stop.Think.Connect. Toolkit Stay Safe Online Before You Connect a New Computer to the Internet Keeping Children Safe Online Rethink Cyber Safety Rules and the “Tech Talk” with Your Teens Concerned Parent’s Internet Safety Toolbox This product is provided subject to this Notification and this Privacy & Use policy.
Microsoft Releases Security Update for Windows Elevation of Privilege Vulnerability
Aug 15, 2019
Original release date: August 15, 2019Microsoft has released a security update to address an elevation of privilege vulnerability (CVE-2019-1162) in Windows. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Microsoft Security Advisory and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy.
IRS Security Summit Series for Tax Professionals: Create a Data Theft Recovery Plan
Aug 14, 2019
Original release date: August 14, 2019The fifth and final step in the Internal Revenue Service (IRS) Security Summit series for tax professionals is creating a data theft recovery plan. IRS issued a news release highlighting the importance of understanding the risks posed by national and international cybersecurity criminal syndicates, working with cybersecurity experts to help prevent and stop data theft, and reporting data theft as soon as possible. Creating a data theft recovery plan is part of the Taxes. Security. Together. Checklist, which IRS created to help tax professionals protect sensitive taxpayer data. The Cybersecurity and Infrastructure Security Agency (CISA) encourages tax professionals to review the IRS news release and the following Security Summit series topics for more information: Deploying “Security Six” basic safeguards Creating a data security plan Educating yourself on phishing scams Recognizing the signs of client data theft This product is provided subject to this Notification and this Privacy & Use policy.
Microsoft Releases Security Updates to Address Remote Code Execution Vulnerabilities
Aug 14, 2019
Original release date: August 14, 2019Microsoft has released security updates to address two remote code execution vulnerabilities, CVE-2019-1181 and CVE-2019-1182, in the following operating systems: Windows 7 SP1 Windows Server 2008 R2 SP1 Windows Server 2012 Windows 8.1 Windows Server 2012 R2 Windows 10 Windows Server 2016 Windows Server 2019 An attacker could exploit these vulnerabilities to take control of an affected system. Similar to CVE-2019-0708—dubbed BlueKeep—these vulnerabilities are considered “wormable” because malware exploiting these vulnerabilities on a system could propagate to other vulnerable systems. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and users and administrators to review the following resources and apply the necessary updates: Microsoft Security Blog Post: Patch New Wormable Vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182) Microsoft Security Vulnerability Information for CVE-2019-1181 Microsoft Security Vulnerability Information for CVE-2019-1182 Microsoft Security Blog Post: Protect Against BlueKeep Microsoft Customer Guidance for CVE-2019-0708 This product is provided subject to this Notification and this Privacy & Use policy.
Multiple HTTP/2 Implementation Vulnerabilities
Aug 14, 2019
Original release date: August 14, 2019The CERT Coordination Center (CERT/CC) has released information on vulnerabilities affecting HTTP/2 implementations. An attacker could exploit these vulnerabilities to cause a denial-of-service (DoS) condition. Attacks can consume excessive system resources and lead to distributed DoS (DDoS) attacks. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review CERT/CC’s Vulnerability Note VU#605641 for more information and refer to vendors for updates. This product is provided subject to this Notification and this Privacy & Use policy.
Microsoft Releases August 2019 Security Updates
Aug 13, 2019
Original release date: August 13, 2019Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s August 2019 Security Update Summary and Deployment Information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Intel Releases Security Updates
Aug 13, 2019
Original release date: August 13, 2019Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to gain an escalation of privileges on a previously infected machine. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Intel advisories and apply the necessary updates: RAID Web Console 2 Advisory INTEL-SA-00246 NUC Advisory INTEL-SA-00272 Authenticate Advisory INTEL-SA-00275 Driver and Support Assistant Advisory INTEL-SA-00276 Remote Displays SDK Advisory INTEL-SA-00277 Processor Identification Utility for Windows Advisory INTEL-SA-00281 Computing Improvement Program Advisory INTEL-SA-00283 This product is provided subject to this Notification and this Privacy & Use policy.
