US-CERT Current Activity
A regularly updated summary of the most frequent, high-impact security incidents currently being reported to the US-CERT.VMware Releases Security Updates 16 Feb 2019, 12:06 am
Original release date: February 15, 2019VMware has released security updates to address a vulnerability affecting multiple VMware products. An attacker could exploit this vulnerability to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisory VMSA-2019-0001 and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
Mozilla Releases Security Update for Thunderbird 14 Feb 2019, 8:22 pm
Original release date: February 14, 2019Mozilla has released a security update to address vulnerabilities in Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 60.5.1 and apply the necessary update.
This product is provided subject to this Notification and this Privacy & Use policy.
Mozilla Releases Security Updates for Firefox 13 Feb 2019, 12:26 am
Original release date: February 12, 2019Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system.
The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Mozilla Security Advisories for Firefox 65.0.1 and Firefox ESR 60.5.1 and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
Microsoft Releases February 2019 Security Updates 12 Feb 2019, 8:12 pm
Original release date: February 12, 2019Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review Microsoft's February 2019 Security Update Summary and Deployment Information and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
Internet Romance Scams 12 Feb 2019, 7:28 pm
Original release date: February 12, 2019The Federal Trade Commission (FTC) has released an article addressing a rise in reports of internet romance scams. In this type of fraud, cyber criminals gain the confidence of their victims and trick them into sending money. Use caution when online dating, and never send money or gifts to someone you have not met in person.
The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users to review FTC’s article on Romance Scams and NCCIC’s tip on Staying Safe on Social Networking Sites. If you think you have been a target of a romance scam, file a report with
- the online dating site,
- the Federal Trade Commission, and
- the Federal Bureau of Investigation's Internet Crime Complaint Center.
This product is provided subject to this Notification and this Privacy & Use policy.
Cisco Releases Security Update 12 Feb 2019, 6:35 pm
Original release date: February 12, 2019Cisco has released a security update to address a vulnerability in Network Assurance Engine. An attacker could exploit this vulnerability to obtain sensitive information.
The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Cisco Security Advisory and apply the necessary update.
This product is provided subject to this Notification and this Privacy & Use policy.
Adobe Releases Security Updates 12 Feb 2019, 4:39 pm
Original release date: February 12, 2019Adobe has released security updates to address vulnerabilities affecting Adobe Flash Player, Acrobat and Reader, ColdFusion, and Creative Cloud Desktop Application. An attacker could exploit some of these vulnerabilities to take control of an affected system.
The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review Adobe Security Bulletins, APSB19-06, APSB19-07, APSB19-10, and APSB19-11, and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
New Session Added: CISA Awareness Briefing on Chinese Malicious Cyber Activity 12 Feb 2019, 1:19 pm
Original release date: February 12, 2019The Cybersecurity and Infrastructure Security Agency (CISA) has added an additional session to the virtual awareness briefing on Chinese malicious cyber activity targeting managed service providers. The briefing will be held on Thursday, February 14, 2019, from 1-2 p.m. ET. The briefing will provide a background on the identified cyber activity and mitigation techniques. Click here to register.
This product is provided subject to this Notification and this Privacy & Use policy.
runc Open-Source Container Vulnerability 11 Feb 2019, 7:26 pm
Original release date: February 11, 2019 | Last revised: February 12, 2019The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), is aware of a vulnerability affecting several open-source container management systems that leverage runc.
NCCIC encourages users and administrators to review the runc security advisory, and the RedHat and Amazon Web Services blogs; and refer to OS and application vendors for mitigations and updates as they become available.
This product is provided subject to this Notification and this Privacy & Use policy.
Apple Releases Multiple Security Updates 7 Feb 2019, 7:12 pm
Original release date: February 07, 2019Apple has released security updates to address vulnerabilities in multiple products, including the recently discovered FaceTime vulnerability. An attacker could exploit some of these vulnerabilities to take control of an affected system.
The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates:
This product is provided subject to this Notification and this Privacy & Use policy.
