US-CERT Feed

FTC Promotes International Charity Fraud Awareness Week

US-Cert Current Activity - Tue, 10/22/2019 - 11:24am
Original release date: October 22, 2019

The Federal Trade Commission (FTC) has released an article promoting International Charity Fraud Awareness Week (ICFAW), which runs October 21–25. FTC, the National Association of State Charities Officials, and state and international partners coordinated this campaign to help both charities and donors avoid charity fraud.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages charities and donors to review FTC’s article and the following resources for more information:

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

NSA and NCSC Release Joint Advisory on Turla Group Activity

US-Cert Current Activity - Mon, 10/21/2019 - 11:56am
Original release date: October 21, 2019

The National Security Agency (NSA) and the United Kingdom National Cyber Security Centre (NCSC) have released a joint advisory on advanced persistent threat (APT) group Turla—widely reported to be Russian. The advisory provides an update to NCSC’s January 2018 report on Turla’s use of the malicious Neuron, Nautilus, and Snake tools to steal sensitive data. Additionally, the advisory states that Turla has compromised—and is currently leveraging—an Iranian APT group’s infrastructure and resources, which include the Neuron and Nautilus tools.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following resources for more information:
•    NSA Advisory Turla Group Exploits Iranian APT To Expand Coverage Of Victims
•    UK NCSC Advisory Turla group exploits Iranian APT to expand coverage of victims
•    January 2018 UK NCSC Report Turla Group Malware

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

AA19-290A: Microsoft Ending Support for Windows 7 and Windows Server 2008 R2

US-Cert Alerts - Thu, 10/17/2019 - 12:36pm
Original release date: October 17, 2019
Summary

On January 14, 2020, Microsoft will end extended support for their Windows 7 and Windows Server 2008 R2 operating systems.[1] After this date, these products will no longer receive free technical support, or software and security updates.

Organizations that have regulatory obligations may find that they are unable to satisfy compliance requirements while running Windows 7 and Windows Server 2008 R2.

Technical Details

All software products have a lifecycle. “End of support” refers to the date when the software vendor will no longer provide automatic fixes, updates, or online technical assistance. [2]

For more information on end of support for Microsoft products see the Microsoft End of Support FAQ.

Systems running Windows 7 and Windows Server 2008 R2 will continue to work at their current capacity even after support ends on January 14, 2020. However, using unsupported software may increase the likelihood of malware and other security threats. Mission and business functions supported by systems running Windows 7 and Windows Server 2008 R2 could experience negative consequences resulting from unpatched vulnerabilities and software bugs. These negative consequences could include the loss of confidentiality, integrity, and availability of data, system resources, and business assets.

Mitigations

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and organizations to:

  • Upgrade to a newer operating system.
  • Identify affected devices to determine breadth of the problem and assess risk of not upgrading. 
  • Establish and execute a plan to systematically migrate to currently supported operating systems or employ a cloud-based service. 
  • Contact the operating system vendor to explore opportunities for fee-for-service maintenance, if unable to upgrade.   
References Revisions
  • October 17, 2019: Initial version

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

ISC Releases Security Advisories for BIND

US-Cert Current Activity - Thu, 10/17/2019 - 11:27am
Original release date: October 17, 2019

The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit one of these vulnerabilities to obtain sensitive information.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the ISC advisories for CVE-2019-6475 and CVE-2019-6476 for more information and to apply the necessary updates and workarounds.

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

Cisco Releases Security Updates

US-Cert Current Activity - Thu, 10/17/2019 - 11:05am
Original release date: October 17, 2019

Cisco has released security updates to address vulnerabilities in Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities see the Cisco Security Advisories page.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco Advisories and apply the necessary updates:

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

Multiple Vulnerabilities in Pulse Secure VPN

US-Cert Current Activity - Wed, 10/16/2019 - 3:39pm
Original release date: October 16, 2019

The CERT Coordination Center (CERT/CC) has released information on multiple vulnerabilities affecting Pulse Secure Virtual Private Network (VPN). An attacker could exploit these vulnerabilities to take control of an affected system. These vulnerabilities have been targeted by advanced persistent threat (APT) actors.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following resources for more information and to apply the necessary updates:

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

VMware Releases Security Update for Harbor Container Registry for PCF

US-Cert Current Activity - Wed, 10/16/2019 - 12:22pm
Original release date: October 16, 2019

VMware has released a security update to address a vulnerability affecting Harbor Container Registry for Pivotal Cloud Foundry (PCF). An attacker could exploit this vulnerability to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisory VMSA-2019-0016 and apply the necessary update.

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

Oracle Releases October 2019 Security Bulletin

US-Cert Current Activity - Tue, 10/15/2019 - 7:35pm
Original release date: October 15, 2019

Oracle has released its Critical Patch Update for October 2019 to address 219 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Oracle October 2019 Critical Patch Update and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

Adobe Releases Security Updates for Multiple Products

US-Cert Current Activity - Tue, 10/15/2019 - 4:02pm
Original release date: October 15, 2019

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates:

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

WordPress Releases Security Update

US-Cert Current Activity - Tue, 10/15/2019 - 10:59am
Original release date: October 15, 2019

WordPress 5.2.3 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected website.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the WordPress Security Release and upgrade to WordPress 5.2.4.

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

Google Releases Security Updates for Chrome

US-Cert Current Activity - Fri, 10/11/2019 - 10:48am
Original release date: October 11, 2019

Google has released Chrome version 77.0.3865.120 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.
 

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

FBI Releases Article on Defending Against Phishing and Spearphishing Attacks

US-Cert Current Activity - Thu, 10/10/2019 - 11:20am
Original release date: October 10, 2019

In recognition of National Cybersecurity Awareness Month (NCSAM), the Federal Bureau of Investigation (FBI) has released an article to raise awareness of phishing and spearphishing. The article provides guidance on recognizing and avoiding these types of attacks.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users to review the FBI article and CISA's Tip on Avoiding Social Engineering and Phishing Attacks. For more information on NCSAM, see the NCSAM 2019 webpage and the NCSAM 2019 Toolkit. Users can report suspected attacks to their local FBI office or to the FBI's Internet Crime Complaint Center at www.ic3.gov.

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

ACSC Releases Small Business Cybersecurity Guide

US-Cert Current Activity - Thu, 10/10/2019 - 11:18am
Original release date: October 10, 2019

The Australian Cyber Security Centre (ACSC) has released a cybersecurity guide for small businesses. The guide provides checklists to help small business protect themselves against common cybersecurity incidents.

 

The Cybersecurity and Infrastructure Security Agency (CISA) encourages small business owners and administrators to review ACSC’s Small Business Cyber Security Guide and CISA’s Resources for Business page to learn how to defend against cyberattacks.

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

Juniper Networks Releases Security Updates

US-Cert Current Activity - Thu, 10/10/2019 - 11:16am
Original release date: October 10, 2019

Juniper Networks has released security updates to address multiple vulnerabilities in various Juniper products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Juniper Security Advisories webpage and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

Intel Releases Security Updates

US-Cert Current Activity - Wed, 10/09/2019 - 2:24pm
Original release date: October 9, 2019

Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to gain an escalation of privileges on a previously infected machine.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Intel advisories and apply the necessary updates:

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

iTerm2 Vulnerability

US-Cert Current Activity - Wed, 10/09/2019 - 12:11pm
Original release date: October 9, 2019

The CERT Coordination Center (CERT/CC) has released information on a vulnerability (CVE-2019-9535) affecting iTerm2, a macOS terminal emulator. An attacker could exploit this vulnerability to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review CERT/CC’s Vulnerability Note VU#763073, Mozilla’s blog post, and iTerm2’s downloads page for patch information and additional details.

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

Microsoft Releases October 2019 Security Updates

US-Cert Current Activity - Tue, 10/08/2019 - 5:35pm
Original release date: October 8, 2019

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s October 2019 Security Update Summary and Deployment Information and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

Apple Releases Security Updates

US-Cert Current Activity - Tue, 10/08/2019 - 10:36am
Original release date: October 8, 2019

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates:

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

NSA Releases Advisory on Mitigating Recent VPN Vulnerabilities

US-Cert Current Activity - Mon, 10/07/2019 - 5:41pm
Original release date: October 7, 2019

The National Security Agency (NSA) has released an advisory on advanced persistent threat (APT) actors exploiting multiple vulnerabilities in Virtual Private Network (VPN) applications. A remote attacker could exploit these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to review NSA's Cybersecurity Advisory and CISA's Current Activity on Vulnerabilities in Multiple VPN Applications for more information and apply the necessary updates or mitigations.

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

Microsoft Reports Cyberattacks on Targeted Email Accounts

US-Cert Current Activity - Fri, 10/04/2019 - 7:33pm
Original release date: October 4, 2019

The Microsoft Threat Intelligence Center (MSTIC) has released a blog post describing an increase in malicious cyber activity from the Iranian group known as Phosphorus. These threat actors are exploiting password reset or account recovery features to take control of targeted email accounts.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users to review the Microsoft blog for additional information and recommendations and CISA’s Tip on Supplementing Passwords.

This product is provided subject to this Notification and this Privacy & Use policy.

Categories: US-CERT Feed

Pages