Subscribe: US-CERT Current Activity
http://www.us-cert.gov/current/index.atom
Preview: US-CERT Current Activity

US-CERT Current Activity



A regularly updated summary of the most frequent, high-impact security incidents currently being reported to the US-CERT.



 



Microsoft Releases February 2018 Security Updates

Tue, 13 Feb 2018 20:09:07 +0000

Original release date: February 13, 2018

Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC/US-CERT encourages users and administrators to review Microsoft's February 2018 Security Update Summary and Deployment Information and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.





Adobe Releases Security Updates

Tue, 13 Feb 2018 18:45:50 +0000

Original release date: February 13, 2018

Adobe has released security updates to address vulnerabilities in Adobe Experience Manager, Acrobat, and Reader. A remote attacker could exploit these vulnerabilities to take control of an affected system.                  

NCCIC/US-CERT encourages users and administrators to review Adobe Security Bulletin APSB18-02 and APSB18-04 and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.





North Korean Malicious Cyber Activity

Tue, 13 Feb 2018 15:01:09 +0000

Original release date: February 13, 2018

The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have identified Trojan malware variants—referred to as HARDRAIN and BADCALL—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.

NCCIC/US-CERT encourages users and administrators to review the HIDDEN COBRA - North Korean Malicious Cyber Activity page, which contains links to Malware Analysis Reports MAR-10135536-F and MAR-10135536-G, for more information.


This product is provided subject to this Notification and this Privacy & Use policy.





Cisco Releases Security Updates for Multiple Products

Wed, 07 Feb 2018 18:08:00 +0000

Original release date: February 07, 2018

Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC/US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.





Adobe Releases Security Updates for Flash Player

Tue, 06 Feb 2018 18:09:45 +0000

Original release date: February 06, 2018

Adobe has released security updates to address vulnerabilities in Flash Player. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.                 

NCCIC/US-CERT encourages users and administrators to review Adobe Security Bulletin APSB18-03 and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.





Cisco Releases Security Updates

Mon, 05 Feb 2018 20:27:05 +0000

Original release date: February 05, 2018

Cisco has released an updated advisory and security updates to address a vulnerability affecting its Adaptive Security Appliance software. A remote attacker could exploit this vulnerability to take control of an affected system.

NCCIC/US-CERT encourages users and administrators to review Cisco's updated Security Advisory and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.





Safer Internet Day

Mon, 05 Feb 2018 13:56:34 +0000

Original release date: February 05, 2018

February 6, 2018, is Safer Internet Day (SID), a worldwide event aimed at promoting the safe and positive use of digital technology for all users, especially children and teens. This year's SID theme—Create, Connect and Share Respect: A better Internet starts with you—encourages everyone to play their part in creating a better, safer, and more secure Internet.

NCCIC/US-CERT encourages users to view the Safer Internet Day website and the following tips:


This product is provided subject to this Notification and this Privacy & Use policy.





FTC Warns of Online Dating Scams

Fri, 02 Feb 2018 02:22:54 +0000

Original release date: February 01, 2018

The Federal Trade Commission (FTC) has released an article addressing scams targeting online daters. In this type of fraud, cyber criminals target victims, gain their confidence, and trick them into sending money.

To stay safer online, review the FTC article on Online Dating Scams and the NCCIC/US-CERT tip on Staying Safe on Social Networking Sites. If you think you have been a victim of an online dating scam, report your experience to


This product is provided subject to this Notification and this Privacy & Use policy.





IC3 Warns of Impersonation Scams

Fri, 02 Feb 2018 02:18:35 +0000

Original release date: February 01, 2018

The Internet Crime Complaint Center (IC3) has released an alert on impersonation scams. In these schemes, scammers send emails impersonating IC3 to trick recipients into providing personally identifiable information or downloading malicious files. Users should use caution when reviewing unsolicited messages.

NCCIC/US-CERT encourages consumers to refer to the IC3 Alert and the NCCIC/US-CERT Tip on Avoiding Social Engineering and Phishing Attacks for more information.


This product is provided subject to this Notification and this Privacy & Use policy.





Pyeongchang 2018: Staying Cyber Safe during the Olympics

Thu, 01 Feb 2018 11:35:52 +0000

Original release date: February 01, 2018

As the 2018 Olympic Games in Pyeongchang approach, NCCIC/US-CERT reminds travelers to be aware of cybersecurity risks. At high-profile events, cyber activists may take advantage of the large audience to spread their message. Cyber criminals may attempt to steal personally identifiable information or harvest users’ credentials for financial gain. There is also the possibility that mobile or other communications will be monitored.

NCCIC/US-CERT encourages users to protect themselves against these risks—especially risks associated with portable devices such as smart phones and tablets—by taking the following actions:

  • Switch off Wi-Fi and Bluetooth connections when not in use.
  • Use a credit card to pay for online goods and services.
  • When using a public or unsecured wireless connection, avoid using sites and applications that require personal information like log-ins.
  • Update mobile software.
  • Use strong PINs and passwords.

Using the security practices suggested in the resources listed below will also help travelers stay more secure in Pyeongchang and other travel destinations:


This product is provided subject to this Notification and this Privacy & Use policy.