US-CERT Feed

MS-ISAC Releases Advisory on DrayTek Devices

US-Cert Current Activity - Wed, 04/01/2020 - 1:24pm
Original release date: April 1, 2020

The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released an advisory regarding two vulnerable command injection points in DrayTek devices (CVE-2020-8515). An attacker could exploit these vulnerabilities to take control of an affected system. These vulnerabilities were detected in exploits in the wild.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review MS-ISAC Advisory 2020-043 and the DrayTek Security Advisory for CVE-2020-8515 and apply the necessary updates and mitigations.

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

Google Releases Security Updates for Chrome

US-Cert Current Activity - Wed, 04/01/2020 - 10:48am
Original release date: April 1, 2020

Google has released Chrome version 80.0.3987.162 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.


Apple Releases Security Updates

US-Cert Current Activity - Wed, 03/25/2020 - 10:31am
Original release date: March 25, 2020

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates:


Adobe Releases Security Update for Creative Cloud Desktop Application

US-Cert Current Activity - Wed, 03/25/2020 - 10:24am
Original release date: March 25, 2020

Adobe has released a security update to address a vulnerability in Creative Cloud Desktop Application. An attacker could exploit this vulnerability to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Adobe Security Bulletin APSB20-11 and apply the necessary update.


Microsoft RCE Vulnerabilities Affecting Windows, Windows Server

US-Cert Current Activity - Mon, 03/23/2020 - 6:37pm
Original release date: March 23, 2020

Microsoft has released a security advisory to address remote code execution vulnerabilities in Adobe Type Manager Library affecting all currently supported versions of Windows and Windows Server operating systems. A remote attacker can exploit these vulnerabilities to take control of an affected system. Microsoft is aware of limited, targeted attacks exploiting these vulnerabilities in the wild.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft Advisory ADV200006 and the CERT Coordination Center (CERT/CC) Vulnerability Note VU#354840 for more information and apply the necessary mitigations until patches are made available.


Drupal Releases Security Updates

US-Cert Current Activity - Thu, 03/19/2020 - 11:31am
Original release date: March 19, 2020

Drupal has released security updates to address vulnerabilities affecting Drupal 8.7.x and 8.8.x. An attacker could exploit these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Drupal security release and apply the necessary updates or mitigations.


Cisco Releases Security Updates for SD-WAN Solution Software

US-Cert Current Activity - Thu, 03/19/2020 - 11:26am
Original release date: March 19, 2020

Cisco has released security updates to address multiple vulnerabilities in SD-WAN Solution software. An attacker could exploit these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories webpage.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco advisories and apply the necessary updates.


Google Releases Security Updates for Chrome

US-Cert Current Activity - Thu, 03/19/2020 - 11:23am
Original release date: March 19, 2020

Google has released Chrome version 80.0.3987.149 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.

 


Adobe Releases Security Updates for Multiple Products

US-Cert Current Activity - Wed, 03/18/2020 - 11:26am
Original release date: March 18, 2020

Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates.


VMware Releases Security Updates for Multiple Products

US-Cert Current Activity - Mon, 03/16/2020 - 11:09am
Original release date: March 16, 2020

VMware has released security updates to address vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisory VMSA-2020-0004 and apply the necessary updates.


AA20-073A: Enterprise VPN Security

US-Cert Alerts - Fri, 03/13/2020 - 8:08am
Original release date: March 13, 2020

Summary

As organizations prepare for possible impacts of Coronavirus Disease 2019 (COVID-19), many may consider alternate workplace options for their employees. Remote work options—or telework—require an enterprise virtual private network (VPN) solution to connect employees to an organization’s information technology (IT) network. As organizations elect to implement telework, the Cybersecurity and Infrastructure Security Agency (CISA) encourages organizations to adopt a heightened state of cybersecurity.

Technical Details

The following are cybersecurity considerations regarding telework.

  • As organizations use VPNs for telework, more vulnerabilities are being found and targeted by malicious cyber actors.
  • As VPNs are 24/7, organizations are less likely to keep them updated with the latest security updates and patches.
  • Malicious cyber actors may increase phishing emails targeting teleworkers to steal their usernames and passwords.
  • Organizations that do not use multi-factor authentication (MFA) for remote access are more susceptible to phishing attacks.
  • Organizations may have a limited number of VPN connections, after which point no other employee can telework. With decreased availability, critical business operations may suffer, including IT security personnel’s ability to perform cybersecurity tasks.

Mitigations

CISA encourages organizations to review the following recommendations when considering alternate workplace options.

  • Update VPNs, network infrastructure devices, and devices being used to remote into work environments with the latest software patches and security configurations. See CISA Tips Understanding Patches and Securing Network Infrastructure Devices.
  • Alert employees to an expected increase in phishing attempts. See CISA Tip Avoiding Social Engineering and Phishing Attacks.
  • Ensure IT security personnel are prepared to ramp up the following remote access cybersecurity tasks: log review, attack detection, and incident response and recovery. Per the National Institute of Standards and Technology (NIST) Special Publication 800-46 v.2, Guide to Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Security, these tasks should be documented in the configuration management policy.
  • Implement MFA on all VPN connections to increase security. If MFA is not implemented, require teleworkers to use strong passwords. (See CISA Tips Choosing and Protecting Passwords and Supplementing Passwords for more information.)
  • Ensure IT security personnel test VPN limitations to prepare for mass usage and, if possible, implement modifications—such as rate limiting—to prioritize users that will require higher bandwidths.
  • Contact CISA to report incidents, phishing, malware, and other cybersecurity concerns.

References

Revisions

  • March 13, 2020: Initial Version


Microsoft Releases Out-of-Band Security Updates for SMB RCE Vulnerability

US-Cert Current Activity - Thu, 03/12/2020 - 1:35pm
Original release date: March 12, 2020

Microsoft has released out-of-band security updates to address a remote code execution vulnerability (CVE-2020-0796) in Microsoft Server Message Block 3.1.1 (SMBv3). A remote attacker could exploit this vulnerability to take control of an affected system.
 
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following resources and apply the necessary updates or workarounds.

  • Microsoft Security Guidance for CVE-2020-0796
  • Microsoft Advisory ADV200005
  • CERT Coordination Center’s Vulnerability Note VU#872016


Microsoft Server Message Block RCE Vulnerability

US-Cert Current Activity - Wed, 03/11/2020 - 12:05pm
Original release date: March 11, 2020

Microsoft has released a security advisory to address a remote code execution vulnerability (CVE-2020-0796) in Microsoft Server Message Block 3.1.1 (SMBv3). A remote attacker can exploit this vulnerability to take control of an affected system. SMB is a network file-sharing protocol that allows client machines to access files on servers.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft Advisory ADV200005 and the CERT Coordination Center’s Vulnerability Note VU#872016 and apply the workaround until patches are made available.


Unpatched Microsoft Exchange Servers Vulnerable to CVE-2020-0688

US-Cert Current Activity - Tue, 03/10/2020 - 1:41pm
Original release date: March 10, 2020

Microsoft Exchange Servers affected by a remote code execution vulnerability, known as CVE-2020-0688, continue to be an attractive target for malicious cyber actors. A remote attacker can exploit this vulnerability to take control of an affected system that is unpatched.

Although Microsoft disclosed the vulnerability and provided software patches for the various affected products in February 2020, advanced persistent threat actors are targeting unpatched servers, according to recent open-source reports. The Cybersecurity and Infrastructure Security Agency (CISA) urges users and administrators to review Microsoft’s Advisory and the National Security Agency’s tweet on CVE-2020-0688 for more information and apply the necessary patches as soon as possible.


Microsoft Releases March 2020 Security Updates

US-Cert Current Activity - Tue, 03/10/2020 - 1:40pm
Original release date: March 10, 2020

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s March 2020 Security Update Summary and Deployment Information and apply the necessary updates.


Intel Releases Security Updates

US-Cert Current Activity - Tue, 03/10/2020 - 1:24pm
Original release date: March 10, 2020

Intel has released security updates to address vulnerabilities in multiple products. An authenticated attacker with local access could exploit some of these vulnerabilities to gain escalation of privileges.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Intel advisories and apply the necessary updates:


Mozilla Releases Security Updates for Firefox and Firefox ESR

US-Cert Current Activity - Tue, 03/10/2020 - 1:18pm
Original release date: March 10, 2020

Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisories for Firefox 74 and Firefox ESR 68.6 and apply the necessary updates.


Zoho Releases Security Update on ManageEngine Desktop Central

US-Cert Current Activity - Fri, 03/06/2020 - 3:42pm
Original release date: March 6, 2020

Zoho has released a security update on a vulnerability (CVE-2020-10189) affecting ManageEngine Desktop Central build 10.0.473 and below. A remote attacker could exploit this vulnerability to take control of an affected system. ManageEngine Desktop Central is a unified endpoint management solution that helps companies, including managed service providers (MSPs), to control servers, laptops, smartphones, and tablets from a central location.

The Cybersecurity and Infrastructure Security Agency encourages users and administrators to review the Zoho security update for more information and apply the patch.


Defending Against COVID-19 Cyber Scams

US-Cert Current Activity - Fri, 03/06/2020 - 1:53pm
Original release date: March 6, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) warns individuals to remain vigilant for scams related to Coronavirus Disease 2019 (COVID-19). Cyber actors may send emails with malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information or donating to fraudulent charities or causes. Exercise caution in handling any email with a COVID-19-related subject line, attachment, or hyperlink, and be wary of social media pleas, texts, or calls related to COVID-19.

CISA encourages individuals to remain vigilant and take the following precautions.


NCSC Releases Advisory on Securing Internet-Connected Cameras

US-Cert Current Activity - Thu, 03/05/2020 - 4:29pm
Original release date: March 5, 2020

The United Kingdom (UK) National Cyber Security Centre (NCSC) has released an advisory on securing internet-connected cameras such as smart security cameras and baby monitors. An attacker could gain access to unsecured, or poorly secured, internet-connected cameras to obtain live feeds or images.

The following steps can help consumers secure their devices.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to review the NCSC advisory for more information and refer to CISA’s Tips on Securing the Internet of Things and Home Network Security for additional ways to secure internet-connected devices.
