US CERT Current Activity

A regularly updated summary of the most frequent, high-impact security incidents currently being reported to the US-CERT.

Cisco Releases Security Advisory for DVMRP Vulnerability in IOS XR Software

Aug 31, 2020

Original release date: August 31, 2020

Cisco has released a security advisory on a vulnerability (CVE-2020-3566) in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR software. This vulnerability affects Cisco devices running IOS XR software that have an active interface configured under multicast routing. A remote attacker could exploit this vulnerability to exhaust process memory of an affected device. This vulnerability was detected in exploits in the wild.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco Security Advisory and take the following actions:

- Implement the recommended mitigations.
- Search for indicators of compromise.
- Apply the necessary update, when available.

This product is provided subject to this Notification and this Privacy & Use policy.


National Insider Threat Awareness Month

Aug 31, 2020

Original release date: August 31, 2020 | Last revised: September 1, 2020

September is National Insider Threat Awareness Month (NITAM), which is a collaborative effort between the National Counterintelligence and Security Center (NCSC), National Insider Threat Task Force (NITTF), Office of the Under Secretary of Defense Intelligence and Security (USD(I&S)), Department of Homeland Security (DHS), and Defense Counterintelligence and Security Agency (DCSA) to emphasize the importance of detecting, deterring, and reporting insider threats.

NITAM 2020 will focus on “Resilience” by promoting personal and organizational resilience to mitigate risks posed by insider threats. The Cybersecurity and Infrastructure Security Agency (CISA) encourages organizations to read NCSC’s NITAM 2020 endorsement and explore the following resources to learn how to protect against insider threats:

- Insider Threat Mitigation
- CISA Webinar: A Holistic Approach to Mitigating Insider Threats
- NITTF Resource Library
- Center for Development of Security Excellence: Insider Threat Awareness and Training


Cisco Releases Security Updates

Aug 27, 2020

Original release date: August 27, 2020

Cisco has released security updates to address vulnerabilities in Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco Advisories and apply the necessary updates:

- Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability (cisco-sa-fxos-nxos-cfs-dos-dAmnymbd)
- Cisco Nexus 3000 and 9000 Series Switches Privilege Escalation Vulnerability (cisco-sa-n3n9k-priv-escal-3QhXJBC)
- Cisco NX-OS Software Data Management Engine Remote Code Execution Vulnerability (cisco-sa-nxos-dme-rce-cbE3nhZS)
- Cisco NX-OS Software Border Gateway Protocol Multicast VPN Session Denial of Service Vulnerability (cisco-sa-nxosbgp-mvpn-dos-K8kbCrJp)
- Cisco NX-OS Software Border Gateway Protocol Multicast VPN Denial of Service Vulnerability (cisco-sa-nxosbgp-nlri-dos-458rG2OQ)


Mozilla Releases Security Updates for Firefox and Firefox ESR

Aug 26, 2020

Original release date: August 26, 2020

Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisories for Firefox 80, Firefox ESR 68.12, and Firefox ESR 78.2 and apply the necessary updates.


Google Releases Security Updates for Chrome

Aug 26, 2020

Original release date: August 26, 2020

Google has released Chrome version 85.0.4183.83 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.


North Korean Malicious Cyber Activity: FASTCash

Aug 26, 2020

Original release date: August 26, 2020

The Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury, the Federal Bureau of Investigation, and U.S. Cyber Command have released a joint Technical Alert and three Malware Analysis Reports (MARs) on the North Korean government’s ATM cash-out scheme, referred to by the U.S. Government as “FASTCash.” The U.S. Government refers to the group behind FASTCash as BeagleBoyz, a subset of HIDDEN COBRA.

CISA encourages users and administrators to review the following resources for more information:

- Joint Technical Alert: FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks
- MAR-10301706-1.v1: North Korean Malware: ECCENTRICBANDWAGON
- MAR-10301706-2.v1: North Korean Malware: VIVACIOUSGIFT
- MAR-10257062-1.v2: North Korean Malware: FASTCASH for Windows
- North Korean Malicious Cyber Activity page


ISC Releases Security Advisories for BIND

Aug 21, 2020

Original release date: August 21, 2020

The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following ISC advisories for more information and to apply the necessary updates:

- CVE-20-8620
- CVE-20-8621
- CVE-20-8622
- CVE-20-8623
- CVE-20-8624


Cisco Releases Security Updates

Aug 20, 2020

Original release date: August 20, 2020

Cisco has released security updates to address vulnerabilities in Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco Advisories and apply the necessary updates:

- Cisco vWAAS for Cisco ENCS 5400-W Series and CSP 5000-W Series Default Credentials Vulnerability (cisco-sa-waas-encsw-cspw-cred-hZzL29A7)
- Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability (cisco-sa-smart-priv-esca-nqwxXWBu)
- Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Remote Code Execution and Denial of Service Vulnerabilities (cisco-sa-ipcameras-rce-dos-uPyJYxN3)


2020 CWE Top 25 Most Dangerous Software Weaknesses

Aug 20, 2020

Original release date: August 20, 2020

The Homeland Security Systems Engineering and Development Institute, sponsored by the Department of Homeland Security and operated by MITRE, has released the 2020 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses list. The Top 25 uses data from the National Vulnerability Database (NVD) to compile the most frequent and critical errors that can lead to serious vulnerabilities in software. An attacker can often exploit these vulnerabilities to take control of an affected system, obtain sensitive information, or cause a denial-of-service condition.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Top 25 list and evaluate recommended mitigations to determine those most suitable to adopt.


Google Releases Security Updates for Chrome

Aug 19, 2020

Original release date: August 19, 2020

Google has released Chrome version 84.0.4147.135 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release Note and apply the necessary updates.


North Korean Malicious Cyber Activity

Aug 19, 2020

Original release date: August 19, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have identified a malware variant, referred to as BLINDINGCAN, used by North Korean actors.

CISA encourages users and administrators to review Malware Analysis Report MAR-10295134-1.v1 and CISA’s North Korean Malicious Cyber Activity page for more information.


Malicious Cyber Actors Continue to Target SBA with Fraudulent Schemes

Aug 14, 2020

Original release date: August 14, 2020

The U.S. Small Business Administration (SBA) is aware of fraudulent schemes and scams targeting its ongoing economic relief efforts. The SBA requests that suspected SBA-related spoofing or phishing fraud be reported to the SBA Office of the Inspector General (OIG) Hotline at 800-767-0385 or online at SBA OIG Hotline.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review SBA’s fraud alert as well as CISA’s Alert on the subject. Suspected malware, phishing, or other cyber criminal activity can also be reported to the Federal Bureau of Investigation Internet Crime Complaint Center (IC3) or through the CISA Incident Reporting System.


Apache Releases Security Advisory for Struts 2

Aug 14, 2020

Original release date: August 14, 2020

The Apache Software Foundation has released a security advisory to address vulnerabilities in Struts in the version range 2.0.0–2.5.20. An attacker could exploit one of these vulnerabilities to take control of an affected system. The current version, Struts 2.5.22, is not affected.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Apache’s security advisory for CVE-2019-0230 and CVE-2019-0233 and upgrade to the appropriate version.


Joint NSA and FBI Cybersecurity Advisory Discloses Russian Malware Drovorub

Aug 13, 2020

Original release date: August 13, 2020

The National Security Agency (NSA) and the Federal Bureau of Investigation (FBI) have released a cybersecurity advisory introducing previously undisclosed Russian malware. NSA and the FBI attributed the malware, dubbed Drovorub, to Russian advanced persistent threat (APT) actors.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the joint advisory and employ its detection techniques and mitigations.


SAP Releases August 2020 Security Updates

Aug 11, 2020

Original release date: August 11, 2020

SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. This includes a cross-site scripting vulnerability (CVE-2020-6284) in NetWeaver (Knowledge Management).

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the SAP Security Notes (https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552603345) and apply the necessary updates.


Microsoft Addresses RCE and Spoofing Vulnerabilities Under Active Exploitation

Aug 11, 2020

Original release date: August 11, 2020

Microsoft has released security updates to address two vulnerabilities (CVE-2020-1380 and CVE-2020-1464) that are being actively exploited. CVE-2020-1380 is a remote code execution vulnerability affecting Internet Explorer 11, and CVE-2020-1464 is a spoofing vulnerability that affects multiple Windows products. An attacker could exploit these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s Security Advisories for CVE-2020-1380 (https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1380) and CVE-2020-1464 (https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1464) and apply the necessary updates.


Microsoft Releases August 2020 Security Updates

Aug 11, 2020

Original release date: August 11, 2020

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s August 2020 Security Update Summary (https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-Aug) and Deployment Information (https://support.microsoft.com/en-us/help/20200811/security-update-deployment-information-august-11-2020) and apply the necessary updates.


CIS Releases 2019 Year in Review

Aug 11, 2020

Original release date: August 11, 2020

The Center for Internet Security (CIS) has released its 2019 Year in Review. CIS is home to the Multi-State Information Sharing & Analysis Center (MS-ISAC), a Cybersecurity and Infrastructure Security Agency (CISA) partner focused on cyber threat prevention, protection, response, and recovery for U.S. state, local, tribal, and territorial government entities. The review highlights CIS's role in improving cyber defense and MS-ISAC's advances in membership, monitoring, cyber education, and information sharing with partners.


Adobe Releases Security Updates

Aug 11, 2020

Original release date: August 11, 2020

Adobe has released security updates to address vulnerabilities affecting Adobe Acrobat, Reader, and Lightroom. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Adobe Security Bulletin APSB20-48 and APSB20-51 and apply the necessary updates.


Google Releases Security Updates for Chrome

Aug 11, 2020

Original release date: August 11, 2020

Google has released Chrome version 84.0.4147.125 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.

