US CERT: Current Activity

Subscribe to US CERT: Current Activity hírcsatorna
A regularly updated summary of the most frequent, high-impact security incidents currently being reported to the US-CERT.
Frissítve: 2 óra 32 perc
2020. október 22.

CISA and FBI Release Joint Advisories Regarding Russian and Iranian APT Actors

Original release date: October 22, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released two joint cybersecurity advisories on widespread advanced persistent threat (APT) activity.

AA20-296A updates a previous joint CISA-FBI cybersecurity advisory and provides information on Russian state-sponsored actors targeting U.S. state, local, tribal, and territorial (SLTT) government networks, as well as aviation networks. In limited instances, this activity has resulted in unauthorized access to IT systems used by U.S. election officials.

AA20-296B details Iranian APT actors working to influence and interfere with the U.S. elections to sow discord among voters and undermine public confidence in the U.S. electoral process. These actors have taken part in spear-phishing campaigns, website defacements, and disinformation campaigns to spread obtained U.S. voter-registration data, anti-American propaganda, and misinformation about voter suppression, voter fraud, and ballot fraud.

Both joint cybersecurity advisories contain information on exploited vulnerabilities and recommended mitigation actions for affected organizations to pursue.

This product is provided subject to this Notification and this Privacy & Use policy.

2020. október 22.

Cisco Releases Security Updates for Multiple Products

Original release date: October 22, 2020

Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco security page and apply the necessary updates.

 

This product is provided subject to this Notification and this Privacy & Use policy.

2020. október 21.

Mozilla Releases Security Updates for Firefox and Firefox ESR

Original release date: October 21, 2020

Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisories for Firefox 82 and Firefox ESR 78.4 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

2020. október 21.

Google Releases Security Updates for Chrome

Original release date: October 21, 2020

Google has released Chrome version 86.0.4240.111 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary changes.

This product is provided subject to this Notification and this Privacy & Use policy.

2020. október 21.

Adobe Releases Security Updates for Multiple Products

Original release date: October 21, 2020

Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

2020. október 21.

Oracle Releases October 2020 Security Bulletin

Original release date: October 20, 2020

Oracle has released its Critical Patch Update for October 2020 to address 402 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Oracle October 2020 Critical Patch Update and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

2020. október 20.

NSA Releases Advisory on Chinese State-Sponsored Actors Exploiting Publicly Known Vulnerabilities

Original release date: October 20, 2020

The National Security Agency (NSA) has released a cybersecurity advisory on Chinese state-sponsored malicious cyber activity. This advisory provides 25 Common Vulnerabilities and Exposures (CVEs) known to be recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors to enable successful hacking operations against a multitude of victim networks.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages critical system administrators to prioritize the immediate patching of the CVEs in NSA’s advisory and to review CISA’s Alert Potential for China Cyber Response to Heightened U.S.–China Tensions, which details potential cyber response to heightened tensions between the United States and China and provides specific tactics, techniques, and procedures (TTPs) and recommended mitigations to the cybersecurity community to assist in the protection of our Nation’s critical infrastructure.

Review the CISA's Chinese Malicious Cyber Activity page for more information on Chinese malicious cyber activity.

This product is provided subject to this Notification and this Privacy & Use policy.

2020. október 20.

VMware Releases Security Updates for Multiple Products

Original release date: October 20, 2020

VMware has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisory VMSA-2020-0023 and apply the necessary updates or workarounds.

This product is provided subject to this Notification and this Privacy & Use policy.

2020. október 16.

Microsoft Releases Security Updates to Address Remote Code Execution Vulnerabilities

Original release date: October 16, 2020

Microsoft has released security updates to address remote code execution vulnerabilities affecting Windows Codecs Library and Visual Studio Code. An attacker could exploit these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Microsoft security advisories for CVE-2020-17022 and CVE-2020-17023 and apply the necessary updates.

 

This product is provided subject to this Notification and this Privacy & Use policy.

2020. október 16.

NCSC Releases Alert on Microsoft SharePoint Vulnerability

Original release date: October 16, 2020

The United Kingdom (UK) National Cyber Security Centre (NCSC) has released an Alert to address a vulnerability—CVE-2020-16952—affecting Microsoft SharePoint server. An attacker could exploit this vulnerability to take control of an affected system. Applying patches from Microsoft’s October 2020 Security Advisory for CVE-2020-16952 can prevent exploitation of this vulnerability.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to review the NCSC Alert and the Microsoft Security Advisory for CVE-2020-16952 for more information.

This product is provided subject to this Notification and this Privacy & Use policy.

2020. október 16.

Adobe Releases Security Updates for Magento

Original release date: October 16, 2020

Adobe has released security updates to address vulnerabilities affecting Magento Commerce and Magento Open Source. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Adobe Security Bulletin APSB20-59 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

2020. október 15.

Juniper Networks Releases Security Updates for Multiple Products

Original release date: October 15, 2020

Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Juniper Networks security advisories page and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

2020. október 14.

Microsoft Addresses Windows TCP/IP RCE/DoS Vulnerability

Original release date: October 14, 2020

Microsoft has released a security update to address a protocol vulnerability—CVE-2020-16898—in Windows Transmission Control Protocol (TCP)/IP stack handling of Internet Control Message Protocol version 6 (ICMPv6) Router Advertisement packets. A remote attacker could exploit this vulnerability to take control of an affected system or cause a denial-of-service condition.
 
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s Security Advisory for more information, and apply the necessary updates or workaround.
 

This product is provided subject to this Notification and this Privacy & Use policy.

2020. október 14.

Adobe Releases Security Updates for Flash Player

Original release date: October 14, 2020

Adobe has released security updates to address a vulnerability affecting Flash Player. An attacker could exploit this vulnerability to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Adobe Security Bulletin APSB20-58 and apply the necessary update.

This product is provided subject to this Notification and this Privacy & Use policy.

2020. október 14.

Apache Releases Security Updates for Apache Tomcat

Original release date: October 14, 2020

The Apache Software Foundation has released a security advisory to address a vulnerability in Apache Tomcat. An attacker could exploit this vulnerability to obtain sensitive information. 

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Apache Security Advisory for CVE-2020-13943 and upgrade to the appropriate version.

This product is provided subject to this Notification and this Privacy & Use policy.

2020. október 13.

Microsoft Releases October 2020 Security Updates

Original release date: October 13, 2020

Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s October 2020 Security Update Summary and Deployment Information and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

2020. október 13.

SAP Releases October 2020 Security Updates

Original release date: October 13, 2020

SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. This includes an OS command injection vulnerability (CVE-2020-6364) affecting SAP Solution Manager and SAP Focused Run.
 
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the SAP Security Notes for October 2020 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

2020. október 10.

CISA and FBI Release Joint Advisory Regarding APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations

Original release date: October 9, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a joint cybersecurity advisory regarding advanced persistent threat (APT) actors chaining vulnerabilities—a commonly used tactic exploiting multiple vulnerabilities in the course of a single intrusion—in an attempt to compromise federal and state, local, tribal, and territorial (SLTT) government networks, critical infrastructure, and elections organizations. CISA is aware of some instances where this activity resulted in unauthorized access to elections support systems; however, CISA has no evidence to date that integrity of elections data has been compromised.

The joint cybersecurity advisory contains information on exploited vulnerabilities and recommended mitigation actions for affected organizations to pursue.

This product is provided subject to this Notification and this Privacy & Use policy.

2020. október 8.

QNAP Releases Security Updates for QNAP Helpdesk

Original release date: October 8, 2020

QNAP Systems has released security updates to address vulnerabilities in QNAP Helpdesk. An attacker could exploit these vulnerabilities to take control of an affected QNAP network-attached storage (NAS) device.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review QNAP Security Advisory QSA-20-08 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

2020. október 8.

Cisco Releases Security Updates

Original release date: October 8, 2020

Cisco has released security updates to address vulnerabilities in Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities see the Cisco Security Advisories page.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco Advisories and apply the necessary updates:

This product is provided subject to this Notification and this Privacy & Use policy.