US-CERT Feed

Cyber Safety for Students

US-Cert Current Activity - 27 min 17 sec ago
Original release date: August 20, 2019

As summer break ends, many students will return to school with mobile devices, such as smart phones, tablets, and laptops. Although these devices can help students complete schoolwork and stay in touch with family and friends, there are risks associated with using them. However, there are simple steps that can help students stay safe while using their internet-connected devices.

The Cybersecurity and Infrastructure Security Agency (CISA) recommends reviewing the following resources for more information on cyber safety for students:

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

Microsoft Releases Security Update for Windows Elevation of Privilege Vulnerability

US-Cert Current Activity - Thu, 08/15/2019 - 4:15pm
Original release date: August 15, 2019

Microsoft has released a security update to address an elevation of privilege vulnerability (CVE-2019-1162) in Windows. An attacker could exploit this vulnerability to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Microsoft Security Advisory and apply the necessary update.

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

IRS Security Summit Series for Tax Professionals: Create a Data Theft Recovery Plan

US-Cert Current Activity - Wed, 08/14/2019 - 11:47am
Original release date: August 14, 2019

The fifth and final step in the Internal Revenue Service (IRS) Security Summit series for tax professionals is creating a data theft recovery plan. IRS issued a news release highlighting the importance of understanding the risks posed by national and international cybersecurity criminal syndicates, working with cybersecurity experts to help prevent and stop data theft, and reporting data theft as soon as possible. Creating a data theft recovery plan is part of the Taxes. Security. Together. Checklist, which IRS created to help tax professionals protect sensitive taxpayer data.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages tax professionals to review the IRS news release and the following Security Summit series topics for more information:

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

Microsoft Releases Security Updates to Address Remote Code Execution Vulnerabilities

US-Cert Current Activity - Wed, 08/14/2019 - 11:30am
Original release date: August 14, 2019

Microsoft has released security updates to address two remote code execution vulnerabilities, CVE-2019-1181 and CVE-2019-1182, in the following operating systems:

  • Windows 7 SP1
  • Windows Server 2008 R2 SP1
  • Windows Server 2012
  • Windows 8.1
  • Windows Server 2012 R2
  • Windows 10

An attacker could exploit these vulnerabilities to take control of an affected system. Similar to CVE-2019-0708—dubbed BlueKeep—these vulnerabilities are considered “wormable” because malware exploiting these vulnerabilities on a system could propagate to other vulnerable systems.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and users and administrators to review the following resources and apply the necessary updates:

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

Multiple HTTP/2 Implementation Vulnerabilities

US-Cert Current Activity - Wed, 08/14/2019 - 11:08am
Original release date: August 14, 2019

The CERT Coordination Center (CERT/CC) has released information on vulnerabilities affecting HTTP/2 implementations. An attacker could exploit these vulnerabilities to cause a denial-of-service (DoS) condition. Attacks can consume excessive system resources and lead to distributed DoS (DDoS) attacks.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review CERT/CC’s Vulnerability Note VU#605641 for more information and refer to vendors for updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

Microsoft Releases August 2019 Security Updates

US-Cert Current Activity - Tue, 08/13/2019 - 1:46pm
Original release date: August 13, 2019

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s August 2019 Security Update Summary and Deployment Information and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

Intel Releases Security Updates

US-Cert Current Activity - Tue, 08/13/2019 - 1:38pm
Original release date: August 13, 2019

Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to gain an escalation of privileges on a previously infected machine.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Intel advisories and apply the necessary updates:

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

Adobe Releases Security Updates for Multiple Products

US-Cert Current Activity - Tue, 08/13/2019 - 1:23pm
Original release date: August 13, 2019

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates:

 

 

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

NCSA Webinar on Cybersecurity for Small Businesses

US-Cert Current Activity - Fri, 08/09/2019 - 2:59pm
Original release date: August 9, 2019

The National Cyber Security Alliance (NCSA) and INFOSEC are hosting a webinar to educate small businesses on how to protect against phishing, vishing, and smishing threats. The webinar will be held on Tuesday, August 13, 2019 from 2-3 p.m. ET.

The Cybersecurity and Infrastructure Agency (CISA) encourages small businesses to register for the webinar and visit CISA’s Resources for Business page to learn how to defend against cyber criminals.

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

ACSC Releases Advisory on Password Spraying Attacks

US-Cert Current Activity - Thu, 08/08/2019 - 10:03am
Original release date: August 8, 2019

The Australian Cyber Security Centre (ACSC) has released an advisory on password spraying attacks. Password spraying is a type of brute-force attack in which a malicious actor uses a single password against targeted user accounts before moving on to attempt a second password, and so on. This technique allows the actor to remain undetected by avoiding rapid or frequent account lockouts.
 
The ACSC provides recommendations for organizations to detect and mitigate these types of attacks against their external services, such as webmail, remote desktop access, or cloud-based services.
 
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the ACSC advisory on password spraying attacks and the following CISA tips:
•    Choosing and Protecting Passwords
•    Supplementing Passwords

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

Google Releases Security Updates for Chrome

US-Cert Current Activity - Thu, 08/08/2019 - 9:45am
Original release date: August 8, 2019

Google has released Chrome version 76.0.3809.100 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system.
 
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

Cisco Releases Security Updates for Multiple Products

US-Cert Current Activity - Thu, 08/08/2019 - 9:43am
Original release date: August 8, 2019

Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

SWAPGS Spectre Side-Channel Vulnerability

US-Cert Current Activity - Tue, 08/06/2019 - 8:21pm
Original release date: August 6, 2019

The Cybersecurity and Infrastructure Security Agency (CISA) is aware of a vulnerability (CVE-2019-1125) known as SWAPGS, which is a variant of Spectre Variant 1—that affects modern computer processors. This vulnerability can be exploited to steal sensitive data present in a computer systems' memory.

Spectre is a flaw an attacker can exploit to force a program to reveal its data. The name derives from "speculative execution"—an optimization method a computer system performs to check whether it will work to prevent a delay when actually executed. Spectre affects almost all devices including desktops, laptops, and cloud servers.

CISA encourages users and administrators to review the following guidance, refer to their hardware and software vendors for additional details, and apply an appropriate patch when available:

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

El Paso and Dayton Tragedy-Related Scams and Malware Campaigns

US-Cert Current Activity - Tue, 08/06/2019 - 9:47am
Original release date: August 6, 2019

In the wake of the recent shootings in El Paso, TX, and Dayton, OH, the Cybersecurity and Infrastructure Security Agency (CISA) advises users to watch out for possible malicious cyber activity seeking to capitalize on these tragic events. Users should exercise caution in handling emails related to the shootings, even if they appear to originate from trusted sources. Fraudulent emails often contain links or attachments that direct users to phishing or malware-infected websites. Emails requesting donations from duplicitous charitable organizations are also common after tragic events. Be wary of fraudulent social media pleas, calls, texts, donation websites, and door-to-door solicitations relating to these events.

To avoid becoming a victim of malicious activity, users and administrators should consider taking the following preventive measures:

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

VMware Releases Security Updates for Multiple Products

US-Cert Current Activity - Sat, 08/03/2019 - 10:12am
Original release date: August 3, 2019

VMware has released a security advisory to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisory VMSA-2019-0012 and apply the necessary updates and workarounds.

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

Cylance Antivirus Vulnerability

US-Cert Current Activity - Fri, 08/02/2019 - 1:13pm
Original release date: August 2, 2019

The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting Cylance Antivirus products. A remote attacker could exploit this vulnerability to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review CERT/CC Vulnerability Note VU#489481 and the Cylance Resolution for BlackBerry Cylance Bypass webpage for patch information and additional recommended workarounds.

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

IRS Reminds Tax Professionals: Beware Phishing Emails

US-Cert Current Activity - Thu, 08/01/2019 - 1:30pm
Original release date: August 1, 2019

The Internal Revenue Service (IRS) has issued a news release warning tax professionals of the continued threat of phishing emails. Phishing emails are one of the most common ways cyber criminals steal sensitive data. Educating personnel on the risks posed by phishing emails is part of the Taxes. Security. Together. Checklist, which IRS created to help tax professionals protect sensitive taxpayer data.


The Cybersecurity and Infrastructure Security Agency (CISA) encourages tax professionals to review the IRS news release and the CISA Tip on Avoiding Social Engineering and Phishing Attacks for more information.

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

NIST Publishes Multifactor Authentication Practice Guide

US-Cert Current Activity - Thu, 08/01/2019 - 1:30pm
Original release date: August 1, 2019

The National Institute of Standards and Technology (NIST) National Cybersecurity Center of Excellence (NCCoE) has published NIST Cybersecurity Practice Guide: Multifactor Authentication for E-Commerce. The guide provides e-commerce organizations multifactor authentication (MFA) protection methods they can implement to reduce fraudulent purchases.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages e-commerce organizations to download the guide to learn how to prevent e-commerce fraud using MFA solutions.

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

FTC Releases Alert on the Capital One Data Breach

US-Cert Current Activity - Thu, 08/01/2019 - 1:20pm
Original release date: August 1, 2019

The Federal Trade Commission (FTC) has released an alert on the Capital One data breach that exposed the personal information of 106 million Capital One credit card customers and applicants. FTC reminds users to check and monitor their credit report to protect against identify theft and to be aware of potential phishing scams related to the breach.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users to refer to the FTC alert on the Capital One data breach and the CISA Tips on Preventing and Responding to Identity Theft and Avoiding Social Engineering and Phishing Attacks for more information.

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

Cisco Releases Security Updates

US-Cert Current Activity - Thu, 08/01/2019 - 1:06pm
Original release date: August 1, 2019

Cisco has released security updates to address a vulnerability in Cisco Nexus 9000 Series Fabric Switches. An attacker could exploit this vulnerability to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco Security Advisory and apply the necessary updates. 

 

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

Pages