US CERT: Current Activity

Subscribe to US CERT: Current Activity hírcsatorna
A regularly updated summary of the most frequent, high-impact security incidents currently being reported to the US-CERT.
Frissítve: 1 óra 27 perc
2019. november 15.

Reminder: Malware Can Exploit Improper Configurations

Original release date: November 15, 2019

Protect yourself from unwanted—and potentially harmful—files or programs by adhering to vendor-recommended configurations for hardware and software. Doing so in addition to maintaining regular patch maintenance, will help give your systems and networks the best security possible.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following tips and guidance:

This product is provided subject to this Notification and this Privacy & Use policy.

2019. november 14.

NCSC-NZ Releases Annual Cyber Threat Report

Original release date: November 14, 2019

The New Zealand National Cyber Security Centre (NCSC-NZ) has released their annual report detailing cyber threats and incidents affecting New Zealand from July 2018 to June 2019. During this period, NCSC-NZ recorded an increase in the severity of cybersecurity incidents—particularly from state-sponsored threat actors. NCSC-NZ provides enhanced cybersecurity services to New Zealand Government and organizations of national significance against cybersecurity threats.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to review the NCSC Cyber Threat Report for more information.

This product is provided subject to this Notification and this Privacy & Use policy.

2019. november 12.

VMware Releases Security Updates

Original release date: November 12, 2019

VMware has released security updates to address vulnerabilities in ESXi, Workstation, and Fusion. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisories VMSA-2019-0020 and VMSA-2019-0021 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

2019. november 12.

Adobe Releases Security Updates

Original release date: November 12, 2019

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

2019. november 12.

Intel Releases Security Updates

Original release date: November 12, 2019

Intel has released security updates to address vulnerabilities in multiple products. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Intel advisories and apply the necessary updates:

For updates addressing medium severity vulnerabilities, see the Intel Security Advisories page.

This product is provided subject to this Notification and this Privacy & Use policy.

2019. november 12.

Microsoft Releases November 2019 Security Updates

Original release date: November 12, 2019

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s November 2019 Security Update Summary and Deployment Information and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

2019. november 8.

Holiday Shopping, Phishing, and Malware Scams

Original release date: November 8, 2019

As this holiday season approaches, the Cybersecurity and Infrastructure Security Agency (CISA) encourages users to be aware of potential holiday scams and malicious cyber campaigns, particularly when browsing or shopping online. Cyber actors may send emails and ecards containing malicious links or attachments infected with malware or may send spoofed emails requesting support for fraudulent charities or causes.

CISA encourages users to remain vigilant and take the following precautions:

This product is provided subject to this Notification and this Privacy & Use policy.

2019. november 7.

Cisco Releases Security Updates

Original release date: November 7, 2019

Cisco has released security updates to address vulnerabilities in Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities see the Cisco Security Advisories webpage.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco advisories and apply the necessary updates:

This product is provided subject to this Notification and this Privacy & Use policy.

2019. november 6.

CISA Launches “Cyber Essentials” for Small Businesses and Small SLTT Governments

Original release date: November 6, 2019

The Cybersecurity and Infrastructure Security Agency (CISA) has launched Cyber Essentials, an effort to assist small organizations in understanding and addressing cybersecurity risks. Developed in partnership with small businesses and small state, local, tribal, and territorial (SLTT) governments, Cyber Essentials aims to equip these organizations with basic steps and resources to improve their cybersecurity resilience.

CISA’s Fall 2019 Cyber Essentials infographic includes a list of six actions organizations can take to reduce cyber risks:

  • Drive cybersecurity strategy, investment, and culture;
  • Develop security awareness and vigilance;
  • Protect critical assets and applications;
  • Ensure only those who belong on your digital workplace have access;
  • Make backups and avoid the loss of information critical to operations; and
  • Limit damage and quicken restoration of normal operations.

CISA encourages small organizations to review CISA’s Cyber Essentials page to learn more about improving their cybersecurity resilience. 

This product is provided subject to this Notification and this Privacy & Use policy.

2019. november 6.

U.S. Cyber Command Shares Seven New Malware Samples

Original release date: November 6, 2019

U.S. Cyber Command has released seven malware samples to the malware aggregation tool and repository, VirusTotal. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review U.S. Cyber Command’s VirusTotal page to view the samples. CISA also recommends users and administrators review the CISA Tip on Protecting Against Malicious Code for best practices on protecting systems and networks against malware.

This product is provided subject to this Notification and this Privacy & Use policy.

2019. november 4.

CSET Version 9.2 Now Available

Original release date: November 4, 2019

The Cybersecurity and Infrastructure Security Agency (CISA) has released version 9.2 of its Cyber Security Evaluation Tool (CSET). CSET is a desktop software tool that guides asset owners and operators through a consistent process for evaluating control system networks as part of a comprehensive cybersecurity assessment that uses recognized government and industry standards and recommendations.

CSET 9.2 includes the following feature enhancements and upgrades:

  • Web-based diagram editor
  • Enhanced reporting
  • New capability maturity model for financial sector customers
  • National Credit Union Administration (NCUA) Automated Cybersecurity Examination Tool (ACET) Standard
  • Financial sector risk assessment wizard
  • New analysis for network diagram questions
  • Transportation Security Administration (TSA) 2018 Pipeline security standard
  • International Society of Automation (ISA)/International Electrotechnical Commission (IEC) 62443 standards  

CISA encourages users to update to CSET version 9.2, available at https://github.com/cisagov/cset/wiki.

This product is provided subject to this Notification and this Privacy & Use policy.

2019. november 1.

National Critical Infrastructure Security and Resilience Month

Original release date: November 1, 2019

November is National Critical Infrastructure Security and Resilience Month. The Nation’s critical infrastructure (CI) relies on a highly interdependent environment, in which physical and cyber systems converge. CI plays a vital role in keeping our Nation and communities safe and secure. Everyone is involved in the mission to protect CI and can help by using cybersecurity best practices, reporting cybersecurity incidents and phishing attempts, and submitting malware for review.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages critical infrastructure owners and operators to download the Critical Infrastructure Security and Resilience Month Toolkit and to visit CISA’s Critical Infrastructure Security and Resilience Month resource page throughout November for information and updates.

This product is provided subject to this Notification and this Privacy & Use policy.

2019. november 1.

Google Releases Security Updates for Chrome

Original release date: October 31, 2019

Google has released Chrome version 78.0.3904.87 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. One of these vulnerabilities (CVE-2019-13720) was detected in exploits in the wild.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

2019. október 31.

North Korean Malicious Cyber Activity

Original release date: October 31, 2019

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD) have identified a Trojan malware variant—referred to as HOPLIGHT—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.

CISA encourages users and administrators to review Malware Analysis Reports MAR-10135536-8 and the page on HIDDEN COBRA - North Korean Malicious Cyber Activity for more information.

This product is provided subject to this Notification and this Privacy & Use policy.

2019. október 30.

MS-ISAC Releases EOS Software Report List

Original release date: October 30, 2019

The Multi-State Information Sharing and Analysis Center (MS-ISAC) has released an end-of-support (EOS) software report list. Software that has reached its EOS date no longer receives security updates and patches from the vendor and is, therefore, susceptible to exploitation from security vulnerabilities. Unsupported software can also cause compatibility issues as well as decreased system performance and productivity.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review MS-ISAC's EOS Report List: October 2019 and Understanding Patches and Software Updates for more information.

This product is provided subject to this Notification and this Privacy & Use policy.

2019. október 30.

MS-ISAC Releases Advisory on PHP Vulnerabilities

Original release date: October 30, 2019

The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released an advisory on multiple Hypertext Preprocessor (PHP) vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review MS-ISAC Advisory 2019-116 and the PHP Downloads page and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

2019. október 30.

Apple Releases Security Updates

Original release date: October 30, 2019

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates:

This product is provided subject to this Notification and this Privacy & Use policy.

2019. október 29.

Microsoft Reports Global Cyberattacks on Sporting and Anti-Doping Organizations from Russian Espionage Actors

Original release date: October 29, 2019

Microsoft publicly released information revealing an uptick in cyberattacks globally targeting anti-doping authorities and sporting organizations. The Microsoft Threat Intelligence Center (MSTIC) routinely tracks malicious activity originating from the Russian advanced persistent threat (APT) group 28, also known as Fancy Bear, STRONTIUM, Swallowtail, Sofacy, Sednit, and Zebrocy. According to Microsoft, APT28 is targeting sporting and anti-doping organizations using spearphishing, password spraying (a brute force technique), fake Microsoft internet domains, as well as open-source and custom malware to exploit internet-connected devices.

To protect against similar attacks, Microsoft recommends:

  • Enabling two-factor authentication on all business and personal email accounts,
  • Learning how to spot phishing schemes and protect yourself from them, and
  • Enabling security alerts about links and files from suspicious websites.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages network defenders to remain vigilant and review the Microsoft article, the World Anti-Doping Agency article, and the following resources for additional information:

This product is provided subject to this Notification and this Privacy & Use policy.

2019. október 29.

Samba Releases Security Updates

Original release date: October 29, 2019

The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit some of these vulnerabilities to obtain sensitive information.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Samba Security Announcements for CVE-2019-10218, CVE-2019-14833, and CVE-2019-14847 and apply the necessary updates and workarounds.

This product is provided subject to this Notification and this Privacy & Use policy.

2019. október 29.

FTC Provides Tips for Warding Off Hackers

Original release date: October 29, 2019

The Federal Trade Commission (FTC) has released an article with tips on how protect your personal information from being stolen by hackers. In support of National Cybersecurity Awareness Month (NCSAM), FTC provides recommendations on how to safeguard phones, computers, accounts, and personally identifiable information.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages consumers to review the FTC article and the following additional resources for more information:

This product is provided subject to this Notification and this Privacy & Use policy.