US CERT Current Activity
Canadian Centre for Cyber Security Releases Advisory on Fileless Malware
Jul 18, 2019
Original release date: July 18, 2019The Canadian Centre for Cyber Security (CCCS) has released an advisory on an Astaroth fileless malware campaign affecting Microsoft Windows. Astaroth resides solely in memory, and an attacker can use it and other fileless malware to steal information, such as credentials and keystrokes, and obtain other sensitive data. The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to review CCCS’s Fileless Malware Advisory for potential infection vectors and recommended mitigations and refer to CISA’s Tip on Protecting Against Malicious Code. This product is provided subject to this Notification and this Privacy & Use policy.
WaterISAC Releases Cybersecurity Fundamentals
Jul 17, 2019
Original release date: July 17, 2019The Water Information Sharing and Analysis Center (WaterISAC) recently released an updated cybersecurity fundamentals guide for water and wastewater utilities. The guide includes cybersecurity best practices, grouped into 15 categories, to help sector utilities reduce exploitable weaknesses and attacks. WaterISAC is a CISA partner focused on protecting Water and Wastewater Systems Sector utilities from all hazards. The Cybersecurity and Infrastructure Security Agency (CISA) encourages sector utilities and critical infrastructure owners and operators to review WaterISAC's 15 Cybersecurity Fundamentals for Water and Wastewater Utilities for more information. This product is provided subject to this Notification and this Privacy & Use policy.
Drupal Releases Security Update
Jul 17, 2019
Original release date: July 17, 2019Drupal has released a security update to address a vulnerability in Drupal Core. An attacker could exploit this vulnerability to take control of an affected website. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Drupal’s security advisory SA-CORE-2019-008 and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy.
Cisco Releases Security Updates for Multiple Products
Jul 17, 2019
Original release date: July 17, 2019Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following advisories and apply the necessary updates: Cisco Vision Dynamic Signage Director REST API Authentication Bypass Vulnerability cisco-sa-20190717-cvdsd-wmauth FindIT Network Management Software Static Credentials Vulnerability cisco-sa-20190717-cfnm-statcred IOS Access Points Software 802.11r Fast Transition Denial-of-Service Vulnerability cisco-sa-20190717-aironet-dos This product is provided subject to this Notification and this Privacy & Use policy.
NCSC Releases 2019 Active Cyber Defence Report
Jul 16, 2019
Original release date: July 16, 2019The United Kingdom’s National Cyber Security Centre (NCSC) has released their 2019 Active Cyber Defence (ACD) report, which provides an analysis of program outcomes throughout 2018. NCSC’s ACD program—stood up in 2016—seeks to reduce harm from commodity cyberattacks against the United Kingdom. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review NCSC’s report for more information. This product is provided subject to this Notification and this Privacy & Use policy.
Microsoft Releases Security Updates for PowerShell Core
Jul 16, 2019
Original release date: July 16, 2019Microsoft has released updates to address a vulnerability in PowerShell Core versions 6.1 and 6.2. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Microsoft Security Advisory and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Oracle Releases July 2019 Security Bulletin
Jul 16, 2019
Original release date: July 16, 2019Oracle has released its Critical Patch Update for July 2019 to address 319 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Oracle July 2019 Critical Patch Update and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
DHS Webinar: Cybersecurity Threats to the Healthcare Sector
Jul 16, 2019
Original release date: July 16, 2019The Department of Homeland Security (DHS) and the American Hospital Association (AHA) are conducting a webinar focused on current cybersecurity threats to the healthcare sector. The webinar will be held on Wednesday, July 17, 2019, at 1 p.m. ET. The Cybersecurity and Infrastructure Security Agency (CISA) encourages healthcare professionals and their customers to register for the webinar to learn more about ransomware and best practices for securing medical devices. This product is provided subject to this Notification and this Privacy & Use policy.
IRS Releases Six Cybersecurity Safeguards
Jul 16, 2019
Original release date: July 16, 2019The Internal Revenue Service (IRS) has issued a news release outlining six cybersecurity safeguards to protect computers, email, and sensitive data. The recommendations are part of the Taxes. Security. Together. Checklist, which the IRS created to help tax professionals protect sensitive taxpayer data. The Cybersecurity and Infrastructure Security Agency (CISA) encourages tax professionals and taxpayers to review the IRS news release and CISA’s Tip on Safeguarding Your Data for more information. This product is provided subject to this Notification and this Privacy & Use policy.
Google Releases Security Updates for Chrome
Jul 15, 2019
Original release date: July 15, 2019Google has released Chrome 75.0.3770.142 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker can exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
NCSC Releases Advisory on Ongoing DNS Hijacking Campaign
Jul 12, 2019
Original release date: July 12, 2019The United Kingdom’s National Cyber Security Centre (NCSC) has released an advisory about an ongoing Domain Name System (DNS) hijacking campaign. The advisory details risks and mitigations for organizations to defend against this campaign, in which attackers use compromised credentials to modify the location to which an organization’s domain name resources resolve to redirect users, obtain sensitive information, and cause man-in-the-middle attacks. The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to review the NCSC Advisory, apply the recommended mitigations, and refer to CISA’s Alert AA19-024A – DNS Infrastructure Hijacking Campaign for more information. This product is provided subject to this Notification and this Privacy & Use policy.
Atlassian Releases Security Updates for Jira
Jul 11, 2019
Original release date: July 11, 2019Atlassian has released security updates to address a vulnerability affecting Jira Server and Jira Data Center. A remote attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Atlassian Security Advisory 2019-07-10 and Canadian Centre for Cyber Security Advisory AV19-143 and apply the necessary updates or mitigations. This product is provided subject to this Notification and this Privacy & Use policy.
Microsoft Releases July 2019 Security Updates
Jul 9, 2019
Original release date: July 9, 2019Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s July 2019 Security Update Summary and Deployment Information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Intel Releases Security Updates
Jul 9, 2019
Original release date: July 9, 2019Intel has released security updates to address vulnerabilities in Intel Solid State Drives for Data Centers and Intel Processor Diagnostic Tool. An attacker could exploit these vulnerabilities to gain an escalation of privileges on a previously infected machine. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Intel Security Advisories INTEL-SA-00267 and INTEL-SA-00268 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Mozilla Releases Security Updates for Firefox and Firefox ESR
Jul 9, 2019
Original release date: July 9, 2019Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisory for Firefox 68 and Firefox ESR 60.8 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Adobe Releases Security Updates
Jul 9, 2019
Original release date: July 9, 2019Adobe has released security updates to address vulnerabilities affecting Bridge CC, Experience Manager, and Dreamweaver. An attacker could exploit one of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Adobe Security Bulletins APSB19-37, APSB19-38, and APSB19-40 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
U.S. Coast Guard Releases Cybersecurity Measures for Commercial Vessels
Jul 8, 2019
Original release date: July 8, 2019The U.S. Coast Guard has released a Safety Alert with recommended cybersecurity best practices for commercial vessels. With a dynamic cybersecurity threat landscape and growing reliance on technology to support vessels, the maritime community can help strengthen their defenses by implementing the following basic cybersecurity measures: Implement network segmentation. Create network profiles for each employee, require unique login credentials, and limit privileges to only those necessary. Be wary of external media. Install anti-virus software. Keep software updated. The Cybersecurity and Infrastructure Security Agency (CISA) encourages vessel and facility owners and operators to review the U.S. Coast Guard’s Safety Alert 06-19 for additional information, see CISA’s Tip on Securing Network Infrastructure Devices, and implement the recommended cybersecurity measures. This product is provided subject to this Notification and this Privacy & Use policy.
ACSC Releases Updated Essential Eight Maturity Model
Jul 5, 2019
Original release date: July 5, 2019The Australian Cyber Security Centre (ACSC) has released updates to its Essential Eight Maturity Model. The model assists organizations in determining the maturity of their implementation of the Essential Eight—ACSC’s list of the top mitigation strategies to help organizations protect their systems against adversary threats. The model identifies three levels of maturity for each mitigation strategy. ACSC is the government authority for providing protective security advice to the private sector and state and territory governments across Australia’s national infrastructure. This product is provided subject to this Notification and this Privacy & Use policy.
