US-CERT Current Activity
A regularly updated summary of the most frequent, high-impact security incidents currently being reported to the US-CERT.North Korean Malicious Cyber Activity 14 Jun 2018, 4:04 pm
Original release date: June 14, 2018The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have identified Trojan malware variants—referred to as TYPEFRAME—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.
US-CERT encourages users and administrators to review Malware Analysis Report (MAR) 10135536-12 and the US-CERT page on HIDDEN COBRA - North Korean Malicious Cyber Activity for more information.
This product is provided subject to this Notification and this Privacy & Use policy.
ISC Releases Security Advisory for BIND 13 Jun 2018, 11:00 pm
Original release date: June 13, 2018The Internet Systems Consortium (ISC) has released a security advisory that addresses a vulnerability affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit this vulnerability to obtain sensitive information.
NCCIC encourages users and administrators to review the ISC Knowledge Base Article AA-01616 and apply the necessary workarounds.
This product is provided subject to this Notification and this Privacy & Use policy.
Intel Releases Security Advisory on Lazy FP State Restore Vulnerability 13 Jun 2018, 10:47 pm
Original release date: June 13, 2018Intel has released recommendations to address a vulnerability—dubbed Lazy FP state restore—affecting Intel Core-based microprocessors. An attacker could exploit this vulnerability to obtain access to sensitive information.
NCCIC encourages users and administrators to review Intel's Security Advisory INTEL-SA-00145, apply the necessary mitigations, and refer to software vendors for appropriate patches, when available.
This product is provided subject to this Notification and this Privacy & Use policy.
Apple Releases Security Update for Xcode 13 Jun 2018, 9:53 pm
Original release date: June 13, 2018Apple has released a security update to address vulnerabilities in Xcode. An attacker could exploit one of these vulnerabilities to take control of an affected system.
NCCIC encourages users and administrators to review Apple’s security page for Xcode 9.4.1 and apply the necessary update.
This product is provided subject to this Notification and this Privacy & Use policy.
Google Releases Security Update for Chrome 13 Jun 2018, 2:09 pm
Original release date: June 13, 2018Google has released Chrome version 67.0.3396.87 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system.
NCCIC encourages users and administrators to review the Chrome Release page and apply the necessary update.
This product is provided subject to this Notification and this Privacy & Use policy.
Microsoft Releases June 2018 Security Updates 12 Jun 2018, 5:45 pm
Original release date: June 12, 2018Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
NCCIC encourages users and administrators to review Microsoft's June 2018 Security Update Summary and Deployment Information and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
VMware Releases Security Update 12 Jun 2018, 4:51 pm
Original release date: June 12, 2018VMware has released a security update to address a vulnerability in VMware AirWatch Agent. A remote attacker could exploit this vulnerability to take control of an affected system.
NCCIC encourages users and administrators to review the VMware Security Advisory VMSA-2018-0015 and apply the necessary update.
This product is provided subject to this Notification and this Privacy & Use policy.
Google Releases Security Update for Chrome 7 Jun 2018, 7:09 pm
Original release date: June 07, 2018Google has released Chrome version 67.0.3396.79 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system.
NCCIC encourages users and administrators to review the Chrome Releases page and apply the necessary update.
This product is provided subject to this Notification and this Privacy & Use policy.
Mozilla Releases Security Update 7 Jun 2018, 4:09 pm
Original release date: June 07, 2018Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit these vulnerabilities to take control of an affected system.
NCCIC encourages users and administrators to review the Mozilla Security Advisory for Firefox 60.0.2 and Firefox ESR 52.8.1/60.0.2 and apply the necessary update.
This product is provided subject to this Notification and this Privacy & Use policy.
Adobe Releases Security Updates for Flash Player 7 Jun 2018, 1:09 pm
Original release date: June 07, 2018Adobe has released security updates to address vulnerabilities in Flash Player. A remote attacker could exploit these vulnerabilities to take control of an affected system.
NCCIC encourages users and administrators to review Adobe Security Bulletin APSB18-19 and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
