Current Activity – US-CERT

US-CERT Current Activity

A regularly updated summary of the most frequent, high-impact security incidents currently being reported to the US-CERT.

Last feed update: Wednesday February 21st, 2018 12:37:36 AM

Microsoft Releases February 2018 Security Updates

Tuesday February 13th, 2018 08:09:07 PM US-CERT
Original release date: February 13, 2018 Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC/US-CERT encourages users and administrators to review Microsoft's February 2018 Security Update Summary and Deployment Information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Adobe Releases Security Updates

Tuesday February 13th, 2018 06:45:50 PM US-CERT
Original release date: February 13, 2018 Adobe has released security updates to address vulnerabilities in Adobe Experience Manager, Acrobat, and Reader. A remote attacker could exploit these vulnerabilities to take control of an affected system.                  NCCIC/US-CERT encourages users and administrators to review Adobe Security Bulletin APSB18-02 and APSB18-04 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

North Korean Malicious Cyber Activity

Tuesday February 13th, 2018 03:01:09 PM US-CERT
Original release date: February 13, 2018 The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have identified Trojan malware variants—referred to as HARDRAIN and BADCALL—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.NCCIC/US-CERT encourages users and administrators to review the HIDDEN COBRA - North Korean Malicious Cyber Activity page, which contains links to Malware Analysis Reports MAR-10135536-F and MAR-10135536-G, for more information. This product is provided subject to this Notification and this Privacy & Use policy.

Cisco Releases Security Updates for Multiple Products

Wednesday February 7th, 2018 06:08:00 PM US-CERT
Original release date: February 07, 2018 Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC/US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates.RV132W and RV134W Remote Code Execution and Denial of Service Vulnerability cisco-sa-20180207-rv13xVirtualized Packet Core-Distributed Instance Denial of Service Vulnerability  cisco-sa-20180207-vpcdiUCS Central Arbitrary Command Execution Vulnerability cisco-sa-20180207-ucscPolicy Suite RADIUS Authentication Bypass Vulnerability cisco-sa-20180207-cps This product is provided subject to this Notification and this Privacy & Use policy.

Adobe Releases Security Updates for Flash Player

Tuesday February 6th, 2018 06:09:45 PM US-CERT
Original release date: February 06, 2018 Adobe has released security updates to address vulnerabilities in Flash Player. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.                 NCCIC/US-CERT encourages users and administrators to review Adobe Security Bulletin APSB18-03 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Cisco Releases Security Updates

Monday February 5th, 2018 08:27:05 PM US-CERT
Original release date: February 05, 2018 Cisco has released an updated advisory and security updates to address a vulnerability affecting its Adaptive Security Appliance software. A remote attacker could exploit this vulnerability to take control of an affected system.NCCIC/US-CERT encourages users and administrators to review Cisco's updated Security Advisory and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Safer Internet Day

Monday February 5th, 2018 01:56:34 PM US-CERT
Original release date: February 05, 2018 February 6, 2018, is Safer Internet Day (SID), a worldwide event aimed at promoting the safe and positive use of digital technology for all users, especially children and teens. This year's SID theme—Create, Connect and Share Respect: A better Internet starts with you—encourages everyone to play their part in creating a better, safer, and more secure Internet.NCCIC/US-CERT encourages users to view the Safer Internet Day website and the following tips:Keeping Children Safe OnlineDealing with CyberbulliesRethink Cyber Safety Rules and the “Tech Talk” with Your Teens This product is provided subject to this Notification and this Privacy & Use policy.

FTC Warns of Online Dating Scams

Friday February 2nd, 2018 02:22:54 AM US-CERT
Original release date: February 01, 2018 The Federal Trade Commission (FTC) has released an article addressing scams targeting online daters. In this type of fraud, cyber criminals target victims, gain their confidence, and trick them into sending money.To stay safer online, review the FTC article on Online Dating Scams and the NCCIC/US-CERT tip on Staying Safe on Social Networking Sites. If you think you have been a victim of an online dating scam, report your experience tothe online dating site,the Federal Trade Commission, andthe Federal Bureau of Investigation's Internet Crime Complaint Center. This product is provided subject to this Notification and this Privacy & Use policy.

IC3 Warns of Impersonation Scams

Friday February 2nd, 2018 02:18:35 AM US-CERT
Original release date: February 01, 2018 The Internet Crime Complaint Center (IC3) has released an alert on impersonation scams. In these schemes, scammers send emails impersonating IC3 to trick recipients into providing personally identifiable information or downloading malicious files. Users should use caution when reviewing unsolicited messages.NCCIC/US-CERT encourages consumers to refer to the IC3 Alert and the NCCIC/US-CERT Tip on Avoiding Social Engineering and Phishing Attacks for more information. This product is provided subject to this Notification and this Privacy & Use policy.

Pyeongchang 2018: Staying Cyber Safe during the Olympics

Thursday February 1st, 2018 11:35:52 AM US-CERT
Original release date: February 01, 2018 As the 2018 Olympic Games in Pyeongchang approach, NCCIC/US-CERT reminds travelers to be aware of cybersecurity risks. At high-profile events, cyber activists may take advantage of the large audience to spread their message. Cyber criminals may attempt to steal personally identifiable information or harvest users’ credentials for financial gain. There is also the possibility that mobile or other communications will be monitored.NCCIC/US-CERT encourages users to protect themselves against these risks—especially risks associated with portable devices such as smart phones and tablets—by taking the following actions:Switch off Wi-Fi and Bluetooth connections when not in use.Use a credit card to pay for online goods and services.When using a public or unsecured wireless connection, avoid using sites and applications that require personal information like log-ins.Update mobile software.Use strong PINs and passwords.Using the security practices suggested in the resources listed below will also help travelers stay more secure in Pyeongchang and other travel destinations:NCCIC/US-CERT Security Tip ST13-002: International Mobile Safety TipsNCCIC/US-CERT Security Tip ST05-017: Cybersecurity for Electronic DevicesStop.Think.Connect. Tip Card: Cybersecurity While TravelingFederal Communications Commission Smartphone Security Checker This product is provided subject to this Notification and this Privacy & Use policy.



Processed request in 0.07633 seconds.