US-CERT Feed

Microsoft Releases February 2018 Security Updates

US-Cert Current Activity - Tue, 02/13/2018 - 3:09pm
Original release date: February 13, 2018

Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC/US-CERT encourages users and administrators to review Microsoft's February 2018 Security Update Summary and Deployment Information and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: US-CERT Feed

Adobe Releases Security Updates

US-Cert Current Activity - Tue, 02/13/2018 - 1:45pm
Original release date: February 13, 2018

Adobe has released security updates to address vulnerabilities in Adobe Experience Manager. A remote attacker could exploit these vulnerabilities to take control of an affected system.                  

NCCIC/US-CERT encourages users and administrators to review Adobe Security Bulletin APSB18-04 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: US-CERT Feed

North Korean Malicious Cyber Activity

US-Cert Current Activity - Tue, 02/13/2018 - 10:01am
Original release date: February 13, 2018

The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have identified Trojan malware variants—referred to as HARDRAIN and BADCALL—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.

NCCIC/US-CERT encourages users and administrators to review the HIDDEN COBRA - North Korean Malicious Cyber Activity page, which contains links to Malware Analysis Reports MAR-10135536-F and MAR-10135536-G, for more information.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: US-CERT Feed

Cisco Releases Security Updates for Multiple Products

US-Cert Current Activity - Wed, 02/07/2018 - 1:08pm
Original release date: February 07, 2018

Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC/US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: US-CERT Feed

Adobe Releases Security Updates for Flash Player

US-Cert Current Activity - Tue, 02/06/2018 - 1:09pm
Original release date: February 06, 2018

Adobe has released security updates to address vulnerabilities in Flash Player. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.                 

NCCIC/US-CERT encourages users and administrators to review Adobe Security Bulletin APSB18-03 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: US-CERT Feed

Cisco Releases Security Updates

US-Cert Current Activity - Mon, 02/05/2018 - 3:27pm
Original release date: February 05, 2018

Cisco has released an updated advisory and security updates to address a vulnerability affecting its Adaptive Security Appliance software. A remote attacker could exploit this vulnerability to take control of an affected system.

NCCIC/US-CERT encourages users and administrators to review Cisco's updated Security Advisory and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: US-CERT Feed

Safer Internet Day

US-Cert Current Activity - Mon, 02/05/2018 - 8:56am
Original release date: February 05, 2018

February 6, 2018, is Safer Internet Day (SID), a worldwide event aimed at promoting the safe and positive use of digital technology for all users, especially children and teens. This year's SID theme—Create, Connect and Share Respect: A better Internet starts with you—encourages everyone to play their part in creating a better, safer, and more secure Internet.

NCCIC/US-CERT encourages users to view the Safer Internet Day website and the following tips:

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: US-CERT Feed

FTC Warns of Online Dating Scams

US-Cert Current Activity - Thu, 02/01/2018 - 9:22pm
Original release date: February 01, 2018

The Federal Trade Commission (FTC) has released an article addressing scams targeting online daters. In this type of fraud, cyber criminals target victims, gain their confidence, and trick them into sending money.

To stay safer online, review the FTC article on Online Dating Scams and the NCCIC/US-CERT tip on Staying Safe on Social Networking Sites. If you think you have been a victim of an online dating scam, report your experience to

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: US-CERT Feed

IC3 Warns of Impersonation Scams

US-Cert Current Activity - Thu, 02/01/2018 - 9:18pm
Original release date: February 01, 2018

The Internet Crime Complaint Center (IC3) has released an alert on impersonation scams. In these schemes, scammers send emails impersonating IC3 to trick recipients into providing personally identifiable information or downloading malicious files. Users should use caution when reviewing unsolicited messages.

NCCIC/US-CERT encourages consumers to refer to the IC3 Alert and the NCCIC/US-CERT Tip on Avoiding Social Engineering and Phishing Attacks for more information.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: US-CERT Feed

Pyeongchang 2018: Staying Cyber Safe during the Olympics

US-Cert Current Activity - Thu, 02/01/2018 - 6:35am
Original release date: February 01, 2018

As the 2018 Olympic Games in Pyeongchang approach, NCCIC/US-CERT reminds travelers to be aware of cybersecurity risks. At high-profile events, cyber activists may take advantage of the large audience to spread their message. Cyber criminals may attempt to steal personally identifiable information or harvest users’ credentials for financial gain. There is also the possibility that mobile or other communications will be monitored.

NCCIC/US-CERT encourages users to protect themselves against these risks—especially risks associated with portable devices such as smart phones and tablets—by taking the following actions:

  • Switch off Wi-Fi and Bluetooth connections when not in use.
  • Use a credit card to pay for online goods and services.
  • When using a public or unsecured wireless connection, avoid using sites and applications that require personal information like log-ins.
  • Update mobile software.
  • Use strong PINs and passwords.

Using the security practices suggested in the resources listed below will also help travelers stay more secure in Pyeongchang and other travel destinations:

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: US-CERT Feed

Cisco Releases Security Updates

US-Cert Current Activity - Wed, 01/31/2018 - 1:52pm
Original release date: January 31, 2018

Cisco has released software updates to address a vulnerability in its Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series. A remote attacker could exploit this vulnerability to cause a denial of service condition.

NCCIC/US-CERT encourages users and administrators to review the Cisco Security Advisory and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: US-CERT Feed

Mozilla Releases Security Update for Firefox

US-Cert Current Activity - Tue, 01/30/2018 - 7:23am
Original release date: January 30, 2018

Mozilla has released a security update to address a vulnerability in Firefox. Exploitation of this vulnerability may allow an attacker to take control of an affected system.

NCCIC/US-CERT encourages users and administrators to review the Mozilla Security Advisory for Firefox 58.0.1 and apply the necessary update.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: US-CERT Feed

Cisco Releases Security Update

US-Cert Current Activity - Mon, 01/29/2018 - 2:06pm
Original release date: January 29, 2018

Cisco has released a security update to address a vulnerability in its Adaptive Security Appliance software. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system.

NCCIC/US-CERT encourages users and administrators to review the Cisco Security Advisory and apply the necessary update.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: US-CERT Feed

Tax Identity Theft Awareness Week

US-Cert Current Activity - Mon, 01/29/2018 - 8:27am
Original release date: January 29, 2018

Tax Identity Theft Awareness Week is January 29 to February 2, and many federal agencies are offering information and resources to help consumers learn to protect themselves from tax-related identity theft and Internal Revenue Service (IRS) imposter scams.

NCCIC/US-CERT encourages consumers to review IRS publication Taxes.Security.Together. and NCCIC/US-CERT Tip Preventing and Responding to Identity Theft. Users can also participate in a series of free webinars and chats on avoiding tax identity theft, hosted by the Federal Trade Commission, IRS, Department of Veterans Affairs, and others.

 

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: US-CERT Feed

VMware Releases Security Updates

US-Cert Current Activity - Fri, 01/26/2018 - 3:39pm
Original release date: January 26, 2018

VMware has released security updates to address vulnerabilities in vRealize Automation, vSphere Integrated Containers, and AirWatch Console. An attacker could exploit these vulnerabilities to take control of an affected system.

NCCIC/US-CERT encourages users and administrators to review the VMware Security Advisory VMSA-2018-0006 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: US-CERT Feed

Data Privacy Day

US-Cert Current Activity - Fri, 01/26/2018 - 2:49pm
Original release date: January 26, 2018

January 28 is Data Privacy Day (DPD), an annual international effort to promote the importance of data privacy. DPD is sponsored in the United States by the National Cyber Security Alliance (NCSA) with the theme, Respecting Privacy, Safeguarding Data, and Enabling Trust.

The NCSA Stay Safe Online website features a recording of the Data Privacy Day 2018 – Live From LinkedIn event, which includes presentations on privacy management, location tracking, and business and privacy. NCCIC/US-CERT encourages users and administrators to review basic privacy tips from Stay Safe Online, and related resources from NCCIC/US-CERT:

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: US-CERT Feed

Mozilla Releases Security Update for Thunderbird

US-Cert Current Activity - Thu, 01/25/2018 - 11:04pm
Original release date: January 25, 2018

Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC/US-CERT encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 52.6 and apply the necessary update.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: US-CERT Feed

Google Releases Security Update for Chrome

US-Cert Current Activity - Wed, 01/24/2018 - 6:59pm
Original release date: January 24, 2018

Google has released Chrome version 64.0.3282.119 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to cause a denial-of-service condition.

NCCIC/US-CERT encourages users and administrators to review the Chrome Releases page and apply the necessary update.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: US-CERT Feed

Apple Releases Multiple Security Updates

US-Cert Current Activity - Tue, 01/23/2018 - 3:35pm
Original release date: January 23, 2018

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC/US-CERT encourages users and administrators to review Apple security pages for the following products and apply the necessary updates:

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: US-CERT Feed

Mozilla Releases Security Updates

US-Cert Current Activity - Tue, 01/23/2018 - 3:04pm
Original release date: January 23, 2018

Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC/US-CERT encourages users and administrators to review the Mozilla Security Advisory for Firefox ESR 52.6 and Firefox 58 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: US-CERT Feed