US CERT Current Activity

Syndicate content
A regularly updated summary of the most frequent, high-impact security incidents currently being reported to the US-CERT.
Updated: 1 hour 44 min ago

Guidance for Defending Against Destructive Malware

Tue, 03/03/2015 - 13:51
Original release date: March 03, 2015

The Information Assurance Directorate of the National Security Agency (NSA) has released a report on Defensive Best Practices for Destructive Malware. This report details several  steps network defenders can take to detect, contain, and minimize destructive malware infections.

US-CERT encourages users and administrators to review the NSA report and ICS-CERT TIP-15-022-01 for more information on destructive malware.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Alertas

FTC Details the Top 10 Imposter Scams of 2014

Mon, 03/02/2015 - 20:27
Original release date: March 02, 2015

The Federal Trade Commission (FTC) has released an advisory describing the top 10 reported imposter scams for 2014. Scam operators often impersonate individuals, companies, and organizations to entice targets to participate in fraudulent financial transactions.

Users are encouraged to review the FTC advisory for details and refer to the US-CERT Tip ST04-014 for information on social engineering and phishing attacks.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Alertas

Cisco IPv6 Denial of Service Vulnerability

Wed, 02/25/2015 - 13:39
Original release date: February 25, 2015

Cisco has identified a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service condition. The vulnerability is due to improper processing of malformed IPv6 packets carrying extension headers. Cisco Network Convergence System 6000 (NCS 6000) and Cisco Carrier Routing System X (CRS-X) running an affected version of Cisco IOS XR Software are affected by this vulnerability.

Users and administrators are encouraged to review the Cisco Advisory and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Alertas

Samba Remote Code Execution Vulnerability

Tue, 02/24/2015 - 19:33
Original release date: February 24, 2015

Linux and Unix based operating systems employing Samba versions 3.5.0 through 4.2.0rc4 contain a vulnerability in the Server Message Block daemon (smbd). Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.

US-CERT recommends users and administrators refer to their respective Linux OS vendor(s) for an appropriate patch if affected. Patches are currently available from Debian, Red Hat, Suse, and Ubuntu. A Samba patch is available for experienced users and administrators to implement.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Alertas

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Tue, 02/24/2015 - 19:15
Original release date: February 24, 2015

The Mozilla Foundation has released security updates to address multiple vulnerabilities in Firefox, Firefox ESR, and Thunderbird. Exploitation of these vulnerabilities may allow a remote attacker to obtain sensitive information or execute arbitrary code on an affected system.

Updates available include:

  • Firefox 36
  • Firefox ESR 31.5
  • Thunderbird 31.5

Users and administrators are encouraged to review the Security Advisories for Firefox, Firefox ESR, and Thunderbird and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Alertas

Lenovo Computers Vulnerable to HTTPS Spoofing

Fri, 02/20/2015 - 13:07
Original release date: February 20, 2015

Lenovo consumer personal computers employing the pre-installed Superfish Visual Discovery software contain a critical vulnerability through a compromised root CA certificate. Exploitation of this vulnerability could allow a remote attacker to read all encrypted web browser traffic (HTTPS), successfully impersonate (spoof) any website, or perform other attacks on the affected system.

US-CERT recommends users and administrators review Vulnerability Note VU#529496 and US-CERT Alert TA15-051A for additional information and mitigation details.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Alertas

IRS Issues Warning for a Scam Targeting Tax Preparers

Thu, 02/19/2015 - 00:46
Original release date: February 18, 2015

The Internal Revenue Service (IRS) has issued a press release addressing a new spear phishing scam targeting tax preparers and other tax professionals. Scam operators often use fraudulent e-mails to entice their targets to reveal login credentials.

US-CERT encourages users and administrators to review the IRS press release for details and refer to US-CERT Security Tip ST15-001 for information on "tax" themed phishing attacks.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Alertas

ISC Releases Security Updates for BIND

Thu, 02/19/2015 - 00:38
Original release date: February 18, 2015

The Internet Systems Consortium (ISC) has released security updates to address a vulnerability in BIND. Exploitation of this vulnerability may allow a remote attacker to cause a denial of service condition.

Updates available include:

  • BIND 9.9.6-P2
  • BIND 9.10.1-P2

Users and administrators are encouraged to review ISC Knowledge Base Article AA-01235 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Alertas

Microsoft Releases February 2015 Security Bulletin

Wed, 02/11/2015 - 00:22
Original release date: February 10, 2015

Microsoft has released updates to address vulnerabilities in Windows as part of the Microsoft Security Bulletin Summary for February 2015. Some of these vulnerabilities could allow remote code execution, security feature bypass, elevation of privilege, or disclosure of information.

US-CERT encourages users and administrators to review Microsoft Security Bulletin Summary MS15-FEB and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Alertas

Microsoft Releases Critical Security Update for Internet Explorer

Tue, 02/10/2015 - 22:01
Original release date: February 10, 2015

Microsoft has released a critical security update to address multiple vulnerabilities in Internet Explorer. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected system if the user views a specially crafted webpage.

Users and administrators are encouraged to review Microsoft Bulletin MS15-009 for details and apply the necessary update.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Alertas

Google Releases Security Update for Chrome OS

Tue, 02/10/2015 - 20:54
Original release date: February 10, 2015

Google has released Chrome OS 40.0.2214.114 for Chrome devices to address multiple vulnerabilities. Exploitation of one these vulnerabilities could allow a remote attacker to take control of an affected system.

Users and administrators are encouraged to review the Google Chrome blog entry and apply the necessary update.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Alertas

Microsoft Releases Critical Security Bulletin

Tue, 02/10/2015 - 15:53
Original release date: February 10, 2015

Microsoft has released Security Bulletin MS15-011 to address a critical vulnerability in Windows. Exploitation of this vulnerability could allow a remote attacker to take complete control of an affected system. 

This security update contains a new policy feature (UNC Hardened Access) which is not enabled by default. To enable this feature, a system administrator must deploy the update, then apply the Group Policy settings described in the bulletin. For complete protection against this vulnerability, system reboots are required. Other than the update and configuration instructions contained in the Security Bulletin, there are no known workarounds or mitigations for this vulnerability. Updates are not available for Windows XP, Windows Server 2003, or Windows 2000.           

US-CERT strongly recommends administrators prioritize the application of the patch, and concurrently review and test the necessary configuration changes discussed in the associated Knowledge Base article (KB3000483).

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Alertas

Google Releases Security Updates for Chrome

Thu, 02/05/2015 - 21:20
Original release date: February 05, 2015

Google has released Chrome 40.0.2214.111 for Windows, Mac, and Linux to address multiple vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected system.

US-CERT encourages users and administrators to review the Google Chrome blog entry and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Alertas

Adobe Releases Security Updates for Flash Player

Thu, 02/05/2015 - 19:02
Original release date: February 05, 2015

Adobe has released security updates to address multiple vulnerabilities in Flash Player, one of which could allow a remote attacker to take control of an affected system.

Users and administrators are encouraged to review Adobe Security Bulletin APSB15-04 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Alertas