Security Incidents Currently Being Reported to the US-CERT

Syndicate content
A regularly updated summary of the most frequent, high-impact security incidents currently being reported to the US-CERT.
Updated: 24 weeks 5 days ago

Cisco Releases Security Updates

Wed, 02/27/2019 - 17:29
Original release date: February 27, 2019

Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco Advisories and apply the necessary updates:

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Security Articles

National Consumer Protection Week

Wed, 02/27/2019 - 17:13
Original release date: February 27, 2019

National Consumer Protection Week (NCPW) is March 3–9. This annual event encourages individuals and businesses to learn about their consumer rights and how to keep themselves secure. The Federal Trade Commission (FTC) and its NCPW partners provide free resources to protect consumers from fraud, scams, and identity theft.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages consumers to review FTC’s NCPW resource page, participate in the NCPW Twitter chats and Facebook Live event, and review the following CISA tips:

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Security Articles

OpenSSL Releases Security Update

Tue, 02/26/2019 - 17:30
Original release date: February 26, 2019

OpenSSL version 1.0.2r has been released to address a vulnerability for users of versions 1.0.2–1.0.2q. An attacker could exploit this vulnerability to obtain sensitive information.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the OpenSSL Security Advisory and apply the necessary update.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Security Articles

ISC Releases Security Updates for BIND

Fri, 02/22/2019 - 10:57
Original release date: February 22, 2019

The Internet Systems Consortium (ISC) has released security updates that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit one of these vulnerabilities to cause a denial-of-service condition.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the ISC advisories for CVE-2018-5744, CVE-2018-5745, and CVE-2019-6465, and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Security Articles

Drupal Releases Security Updates

Thu, 02/21/2019 - 12:49
Original release date: February 21, 2019

Drupal has released security updates to address a vulnerability in Drupal Core. A remote attacker could exploit this vulnerability to take control of an affected system.


The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Drupal’s security advisory and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Security Articles

Adobe Releases Security Updates

Thu, 02/21/2019 - 12:15
Original release date: February 21, 2019

Adobe has released security updates to address a vulnerability in Adobe Acrobat and Reader. An attacker could exploit this vulnerability to obtain sensitive information.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Adobe Security Bulletin APSB19-13 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Security Articles

Cisco Releases Security Updates

Wed, 02/20/2019 - 17:23
Original release date: February 20, 2019

Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco Security Advisory and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Security Articles

VMware Releases Security Updates

Fri, 02/15/2019 - 20:06
Original release date: February 15, 2019

VMware has released security updates to address a vulnerability affecting multiple VMware products. An attacker could exploit this vulnerability to take control of an affected system.  

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisory VMSA-2019-0001 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Security Articles

Mozilla Releases Security Update for Thunderbird

Thu, 02/14/2019 - 16:22
Original release date: February 14, 2019

Mozilla has released a security update to address vulnerabilities in Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 60.5.1 and apply the necessary update.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Security Articles

Mozilla Releases Security Updates for Firefox

Tue, 02/12/2019 - 20:26
Original release date: February 12, 2019

Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Mozilla Security Advisories for Firefox 65.0.1 and Firefox ESR 60.5.1 and apply the necessary updates. 

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Security Articles