US CERT Current Activity

A regularly updated summary of the most frequent, high-impact security incidents currently being reported to the US-CERT.

Adobe Releases Security Updates for Multiple Products

Aug 13, 2019

Original release date: August 13, 2019

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates:
• After Effects CC APSB19-31
• Character Animator CC APSB19-32
• Premiere Pro CC APSB19-33
• Prelude CC APSB19-35
• Creative Cloud Desktop Application APSB19-39
• Acrobat and Reader APSB19-41
• Experience Manager APSB19-42
• Photoshop CC APSB19-44

This product is provided subject to this Notification and this Privacy & Use policy.


NCSA Webinar on Cybersecurity for Small Businesses

Aug 9, 2019

Original release date: August 9, 2019

The National Cyber Security Alliance (NCSA) and INFOSEC are hosting a webinar to educate small businesses on how to protect against phishing, vishing, and smishing threats. The webinar will be held on Tuesday, August 13, 2019 from 2-3 p.m. ET.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages small businesses to register for the webinar and visit CISA’s Resources for Business page to learn how to defend against cyber criminals.


ACSC Releases Advisory on Password Spraying Attacks

Aug 8, 2019

Original release date: August 8, 2019

The Australian Cyber Security Centre (ACSC) has released an advisory on password spraying attacks. Password spraying (https://attack.mitre.org/techniques/T1110/) is a type of brute-force attack in which a malicious actor uses a single password against targeted user accounts before moving on to attempt a second password, and so on. This technique allows the actor to remain undetected by avoiding rapid or frequent account lockouts.

The ACSC provides recommendations for organizations to detect and mitigate these types of attacks against their external services, such as webmail, remote desktop access, or cloud-based services.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the ACSC advisory on password spraying attacks (https://www.cyber.gov.au/publications/advisory-2019-130-password-spray-attacks-detection-and-mitigation-strategies) and the following CISA tips:
• Choosing and Protecting Passwords (https://www.us-cert.gov/ncas/tips/ST04-002)
• Supplementing Passwords (https://www.us-cert.gov/ncas/tips/ST05-012)


Google Releases Security Updates for Chrome

Aug 8, 2019

Original release date: August 8, 2019

Google has released Chrome version 76.0.3809.100 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release (https://chromereleases.googleblog.com/2019/08/stable-channel-update-for-desktop.html) and apply the necessary updates.


Cisco Releases Security Updates for Multiple Products

Aug 8, 2019

Original release date: August 8, 2019

Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:
• Webex Network Recording Player and Webex Player Arbitrary Code Execution Vulnerabilities cisco-sa-20190807-webex-player (https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-webex-player)
• Enterprise NFV Infrastructure Software VNC Authentication Bypass Vulnerability cisco-sa-20190807-nfvis-vnc-authbypass (https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-nfvis-vnc-authbypass)
• IOS XR Software Intermediate System-to-Intermediate System Denial of Service Vulnerability cisco-sa-20190807-iosxr-isis-dos-1918 (https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-iosxr-isis-dos-1918)
• IOS XR Software Intermediate System-to-Intermediate System Denial of Service Vulnerability cisco-sa-20190807-iosxr-isis-dos-1910 (https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-iosxr-isis-dos-1910)
• Adaptive Security Appliance Software Web-Based Management Interface Privilege Escalation Vulnerability cisco-sa-20190807-asa-privescala (https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-asa-privescala)
• Small Business 220 Series Smart Switches Remote Code Execution Vulnerabilities cisco-sa-20190806-sb220-rce (https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190806-sb220-rce)
• Small Business 220 Series Smart Switches Authentication Bypass Vulnerability cisco-sa-20190806-sb220-auth_bypass (https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190806-sb220-auth_bypass)


SWAPGS Spectre Side-Channel Vulnerability

Aug 6, 2019

Original release date: August 6, 2019

The Cybersecurity and Infrastructure Security Agency (CISA) is aware of a vulnerability (CVE-2019-1125) known as SWAPGS, a variant of Spectre Variant 1, that affects modern computer processors. This vulnerability can be exploited to steal sensitive data present in a computer system's memory.

Spectre is a flaw an attacker can exploit to force a program to reveal its data. The name derives from "speculative execution"—an optimization method a computer system performs to check whether it will work to prevent a delay when actually executed. Spectre affects almost all devices including desktops, laptops, cloud servers, and smartphones.

CISA encourages users and administrators to review the following guidance, refer to their hardware and software vendors for additional details, and apply an appropriate patch when available:
• Microsoft: Windows Kernel Information Disclosure Vulnerability
• Red Hat: Spectre SWAPGS gadget vulnerability
• Google: Spectre Side Channels


El Paso and Dayton Tragedy-Related Scams and Malware Campaigns

Aug 6, 2019

Original release date: August 6, 2019

In the wake of the recent shootings in El Paso, TX, and Dayton, OH, the Cybersecurity and Infrastructure Security Agency (CISA) advises users to watch out for possible malicious cyber activity seeking to capitalize on these tragic events. Users should exercise caution in handling emails related to the shootings, even if they appear to originate from trusted sources. Fraudulent emails often contain links or attachments that direct users to phishing or malware-infected websites. Emails requesting donations from duplicitous charitable organizations are also common after tragic events. Be wary of fraudulent social media pleas, calls, texts, donation websites, and door-to-door solicitations relating to these events.

To avoid becoming a victim of malicious activity, users and administrators should consider taking the following preventive measures:
• Use caution when opening email attachments, and do not click on links in unsolicited email messages. Refer to CISA’s Tip on Using Caution with Email Attachments.
• Review CISA’s Tip on Staying Safe on Social Networking Sites.
• Refer to CISA’s Tip on Avoiding Social Engineering and Phishing Attacks.
• Review the information from the Federal Trade Commission on Before Giving to a Charity.


VMware Releases Security Updates for Multiple Products

Aug 3, 2019

Original release date: August 3, 2019

VMware has released a security advisory to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisory VMSA-2019-0012 and apply the necessary updates and workarounds.


Cylance Antivirus Vulnerability

Aug 2, 2019

Original release date: August 2, 2019

The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting Cylance Antivirus products. A remote attacker could bypass Cylance antivirus detection.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review CERT/CC Vulnerability Note VU#489481 and the Cylance Resolution for BlackBerry Cylance Bypass webpage for patch information and additional recommended workarounds.


IRS Reminds Tax Professionals: Beware Phishing Emails

Aug 1, 2019

Original release date: August 1, 2019

The Internal Revenue Service (IRS) has issued a news release warning tax professionals of the continued threat of phishing emails. Phishing emails are one of the most common ways cyber criminals steal sensitive data. Educating personnel on the risks posed by phishing emails is part of the Taxes. Security. Together. Checklist, which IRS created to help tax professionals protect sensitive taxpayer data.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages tax professionals to review the IRS news release and the CISA Tip on Avoiding Social Engineering and Phishing Attacks for more information.


NIST Publishes Multifactor Authentication Practice Guide

Aug 1, 2019

Original release date: August 1, 2019

The National Institute of Standards and Technology (NIST) National Cybersecurity Center of Excellence (NCCoE) has published NIST Cybersecurity Practice Guide: Multifactor Authentication for E-Commerce. The guide provides e-commerce organizations multifactor authentication (MFA) protection methods they can implement to reduce fraudulent purchases.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages e-commerce organizations to download the guide to learn how to prevent e-commerce fraud using MFA solutions.


FTC Releases Alert on the Capital One Data Breach

Aug 1, 2019

Original release date: August 1, 2019

The Federal Trade Commission (FTC) has released an alert on the Capital One data breach that exposed the personal information of 106 million Capital One credit card customers and applicants. FTC reminds users to check and monitor their credit report to protect against identity theft and to be aware of potential phishing scams related to the breach.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users to refer to the FTC alert on the Capital One data breach and the CISA Tips on Preventing and Responding to Identity Theft and Avoiding Social Engineering and Phishing Attacks for more information.


Cisco Releases Security Updates

Aug 1, 2019

Original release date: August 1, 2019

Cisco has released security updates to address a vulnerability in Cisco Nexus 9000 Series Fabric Switches. An attacker could exploit this vulnerability to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco Security Advisory and apply the necessary updates.


Google Releases Security Updates for Chrome

Jul 31, 2019

Original release date: July 31, 2019

Google has released Chrome version 76.0.3809.87 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker could exploit to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.


CISA Releases Advisory on Wind River VxWorks Platform

Jul 30, 2019

Original release date: July 30, 2019

The Cybersecurity and Infrastructure Security Agency (CISA) has released an Industrial Control Systems (ICS) Advisory on multiple vulnerabilities in the Wind River VxWorks Platform. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the following products, apply the recommended mitigations, and refer to vendors for appropriate patches, when available.
• ICS Advisory ICSA-19-211-01
• Canadian Centre for Cyber Security Alert AL19-015
• Wind River Security Bulletin TCP/IP Network Stack


Steps to Safeguard Against Ransomware Attacks

Jul 30, 2019

Original release date: July 30, 2019

The Cybersecurity and Infrastructure Security Agency (CISA), Multi-State Information Sharing & Analysis Center (MS-ISAC), National Governors Association (NGA), and the National Association of State Chief Information Officers (NASCIO) have released a Joint Ransomware Statement with recommendations for state and local governments to build resilience against ransomware:
• Back up systems—now (and daily). Immediately and regularly back up all critical agency and system configuration information on a separate device and store the backups offline, verifying their integrity and restoration process. If recovering after an attack, restore a stronger system than the one lost, fully patched and updated to the latest version.
• Reinforce basic cybersecurity awareness and education. Ransomware attacks often require the human element to succeed. Refresh employee training on recognizing cyber threats, phishing, and suspicious links—the most common vectors for ransomware attacks. Remind employees of how to report incidents to appropriate IT staff in a timely manner, which should include out-of-band communication paths.
• Revisit and refine cyber incident response plans. Have a clear plan to address attacks when they occur, including when internal capabilities are overwhelmed. Make sure response plans include how to request assistance from external cyber first responders, such as state agencies, CISA, and MS-ISAC, in the event of an attack.

CISA encourages organizations to review the Joint Ransomware Statement and the following ransomware guidance:
• MS-ISAC Security Primer on Ransomware
• CISA Tip Sheet on Ransomware
• NGA Disruption Response Planning Memo
• NASCIO Cyber Disruption Planning Guide


Save the Date: 2019 CISA Cybersecurity Summit

Jul 29, 2019

Original release date: July 29, 2019

The Cybersecurity and Infrastructure Security Agency (CISA) will be hosting the 2019 CISA Cybersecurity Summit from September 18-20, 2019, at National Harbor, MD. This summit will provide a forum for critical infrastructure stakeholders to discuss current cybersecurity topics, including emerging technologies, vulnerability management, incident response, and risk mitigation.

CISA encourages interested participants to visit the 2019 CISA Cybersecurity Summit for more information.


CISA Webinar: Holistic Approach to Mitigating Insider Threats

Jul 26, 2019

Original release date: July 26, 2019

Want to recognize indicators of cybersecurity and physical insider threats? On July 29, the Cybersecurity and Infrastructure Security Agency will host a webinar providing expert guidance for a holistic approach to detect and deter these threats. Understanding how to prevent, mitigate, and respond to insider threats increases an organization’s ability to protect both its people and sensitive information.


IRS Reminds Tax Professionals: Create a Data Security Plan

Jul 24, 2019

Original release date: July 24, 2019

The Internal Revenue Service (IRS) has issued a news release reminding professional tax preparers that they are required by law to have a written data security plan. Creating and maintaining a data security plan ensures that tax professionals are reviewing their data security protections and implementing appropriate safeguards. Creating a data security plan is part of the Taxes. Security. Together. checklist, which the IRS created to help tax professionals protect sensitive taxpayer data.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages tax professionals to review the IRS news release and CISA's Tip on Safeguarding Your Data for more information.


Building Resilience to Foreign Interference, Misinformation Activities

Jul 22, 2019

Original release date: July 22, 2019

As part of the effort to #Protect2020, the Cybersecurity and Infrastructure Security Agency (CISA) is working with national partners to build resilience to foreign interferences, particularly information activities (e.g., disinformation, misinformation). The Department of Homeland Security (DHS) views foreign interference as malign actions taken by foreign governments or actors designed to sow discord, manipulate public discourse, discredit the electoral system, bias the development of policy, or disrupt markets for the purpose of undermining the interests of the United States and its allies.

Responding to foreign interference requires a whole of society approach—CISA has made available the following foreign interference resources to #Protect2020:
• The War on Pineapple: Understanding Foreign Interference in 5 Steps
• Foreign Interference Taxonomy
• Social Media Bots Overview

