US CERT Current Activity

Syndicate content
Current Activity provides timely information on security risks to help you better protect your systems from malware campaigns and mitigate against new software vulnerabilities. 2013-02-22T13:58:06Z
Updated: 1 year 8 weeks ago

Ongoing Malicious Cyber Activity Against U.S. Government and Private Sector Entities

Fri, 02/22/2013 - 11:58
Various cyber actors have engaged in malicious activity against U.S. Government and private sector entities. The apparent objective of this activity has been the theft of intellectual property, trade secrets, and other sensitive business information. The malicious actors have employed a variety of techniques to infiltrate targeted organizations, establish a foothold, penetrate throughout the targets’ networks, and steal confidential or proprietary data. The United States Department of Homeland Security, in collaboration with the Federal Bureau of Investigation and other partners, has released a Joint Indicator Bulletin (JIB) through secure channels. This JIB contains cyber threat indicators that will enable public and private sector critical infrastructure partners to take action to mitigate adverse impacts from this activity and protect their sensitive information. This traffic light protocol green JIB contains internet protocol addresses, domain names, and malware indicators associated with malicious data exfiltration activity. Confirmed members of the cybersecurity community of practice, which may include critical infrastructure owners and operators, systems administrators, and information security practitioners, may request a copy of this bulletin by contacting soc@us-cert.gov with the subject “JIB Request,” and including the requestor’s name and affiliation. This product is provided subject to this Notification and this Privacy & Use policy.
Categories: Alertas

Apple Releases Security Update for Java on OS X

Thu, 02/21/2013 - 19:45
Apple has released a security update for Java on OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later, Mac OS X v10.6.8, and Mac OS X Server v10.6.8 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review Apple Support Article HT5666 and follow best-practice security policies to determine which updates should be applied. This product is provided subject to this Notification and this Privacy & Use policy.
Categories: Alertas

Google Releases Google Chrome 25.0.1364.87

Thu, 02/21/2013 - 17:53
Google has released Google Chrome 25.0.1364.87 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to cause a denial-of-service condition or bypass security features. US-CERT encourages users and administrators to review the Google Chrome Release blog entry and update to Chrome 25.0.1364.87. This product is provided subject to this Notification and this Privacy & Use policy.
Categories: Alertas

Mozilla Releases Multiple Updates

Thu, 02/21/2013 - 17:50
The Mozilla Foundation has released updates for the following products to address multiple vulnerabilities. Firefox 19.0 Firefox ESR 17.0.3 Thunderbird 17.0.3 Thunderbird ESR 17.0.3 SeaMonkey 2.16 These vulnerabilities could allow an attacker to execute arbitrary code, bypass security features, or cause a denial-of-service condition. US-CERT encourages users and administrators to review the Mozilla Foundation Advisory for Firefox 19.0, Firefox ESR 17.0.3, Thunderbird 17.0.3, Thunderbird ESR 17.0.3, and SeaMonkey 2.16 and apply any necessary updates to help mitigate the risk. This product is provided subject to this Notification and this Privacy & Use policy.
Categories: Alertas

Updated Release of the February 2013 Oracle Java SE Critical Patch Update

Thu, 02/21/2013 - 13:44
Oracle has released an updated February 2013 Critical Patch Update for Oracle Java SE to address a vulnerability. This vulnerability could allow a remote unauthenticated attacker to execute arbitrary code on vulnerable systems or to provide unauthorized disclosure of information. The following versions of Oracle Java SE are affected: JDK and JRE 7 Update 13 and earlier JDK and JRE 6 Update 39 and earlier JDK and JRE 5.0 Update 39 and earlier SDK and JRE 1.4.2_41 and earlier US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies to determine which updates should be applied. Additional information regarding this vulnerability can be found in Vulnerability Notes VU#636312. This product is provided subject to this Notification and this Privacy & Use policy.
Categories: Alertas

Adobe Releases Security Updates for Adobe Reader and Acrobat

Thu, 02/14/2013 - 17:20
Adobe has released a security advisory for Adobe Reader and Acrobat to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition or take control of the affected system. Adobe is aware of reports that two vulnerabilities referenced in Security Advisory APSA13-02, CVE-2013-0640 and CVE-2013-0641, are being exploited in the wild. The advisory indicates that the following versions of Adobe Reader and Acrobat are affected: Adobe Reader XI 11.0.01 and earlier for Windows and Macintosh Adobe Reader X 10.1.5 and earlier for Windows and Macintosh Adobe Reader 9.5.3 and earlier 9.x versions for Windows, Macintosh, and Linux Adobe Acrobat XI 11.0.01 and earlier for Windows and Macintosh Adobe Acrobat X 10.1.5 and earlier for Windows and Macintosh Adobe Acrobat 9.5.3. and earlier 9.x versions for Windows and Macintosh Adobe recommends users update their product installations to the latest version using the instructions provided in the "Solutions" section in Security Bulletin APSB13-07. This product is provided subject to this Notification and this Privacy & Use policy.
Categories: Alertas

Adobe Releases Security Advisory for Adobe Reader and Acrobat

Thu, 02/14/2013 - 17:20
Adobe has released a security advisory for Adobe Reader and Acrobat to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition or take control of the affected system. Adobe is aware of reports that these vulnerabilities are being exploited in the wild, in targeted attacks designed to trick users into clicking on malicious PDF files delivered in an email message. The advisory indicates that the following versions of Adobe Reader and Acrobat are affected: Adobe Reader XI 11.0.01 and earlier for Windows and Macintosh Adobe Reader X 10.1.5 and earlier for Windows and Macintosh Adobe Reader 9.5.3 and earlier 9.x versions for Windows, Macintosh, and Linux Adobe Acrobat XI 11.0.01 and earlier for Windows and Macintosh Adobe Acrobat X 10.1.5 and earlier for Windows and Macintosh Adobe Acrobat 9.5.3. and earlier 9.x versions for Windows and Macintosh Adobe is in the process of working on a fix for these issues and will update this advisory when a date for the fix has been determined. This product is provided subject to this Notification and this Privacy & Use policy.
Categories: Alertas

Adobe Releases Security Update for Adobe Reader and Acrobat

Thu, 02/14/2013 - 14:47
Adobe has released a security update for Adobe Reader and Acrobat to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition or take control of the affected system. Adobe is aware of reports that these vulnerabilities are being exploited in the wild in targeted attacks designed to trick users into clicking on malicious PDF files delivered in an email message. Adobe has released updates for the following versions: Adobe Reader XI 11.0.01 and earlier for Windows and Macintosh Adobe Reader X 10.1.5 and earlier for Windows and Macintosh Adobe Reader 9.5.3 and earlier 9.x versions for Windows, Macintosh and Linux Adobe Acrobat XI 11.0.01 and earlier for Windows and Macintosh Adobe Acrobat X 10.1.5 and earlier for Windows and Macintosh Adobe Acrobat 9.5.3. and earlier 9.x versions for Windows and Macintosh US-CERT encourages users and administrators to review Adobe Security Bulletin APSB13-02 and follow best-practice security polices to determine which updates should be applied. This product is provided subject to this Notification and this Privacy & Use policy.
Categories: Alertas

Research In Motion Releases Security Update for BlackBerry Enterprise Server

Thu, 02/14/2013 - 13:34
Research In Motion (RIM) has released a security advisory for BlackBerry Enterprise Server to address multiple vulnerabilities. Exploitation of these vulnerabilities could allow an attacker to execute arbitrary code or allow elevation of privileges. RIM has released updates for the following versions: BlackBerry Enterprise Server Express versions 5.02 through 5.04 for Microsoft Exchange and IBM Lotus Domino BlackBerry Enterprise Server versions 5.02 through 5.04 for Microsoft Exchange and IBM Lotus Domino BlackBerry Enterprise Server versions 5.0.1 and 5.0.4 for Novell Groupwise US-CERT encourages users and administrators to review RIM security advisory BSRT-2013-003 and apply any necessary updates to help mitigate the risk. This product is provided subject to this Notification and this Privacy & Use policy.
Categories: Alertas

Adobe Releases Security Update for Adobe Flash Player

Wed, 02/13/2013 - 19:05
Adobe has released a security update for Adobe Flash Player to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition or take control of the affected systems. Adobe has released updates for the following versions: Adobe Flash Player 11.5.502.149 and earlier versions for Windows and Macintosh Adobe Flash player 11.2.202.262 and earlier versions for Linux Adobe Flash player 11.1.115.37 and earlier versions for Android 4.x devices Adobe Flash player 11.1.111.32 and earlier versions for Android 3.x devices Adobe AIR 3.5.0.1060 and earlier versions Adobe AIR 3.5.0.1060 SDK (including AIR for iOS) and earlier versions US-CERT encourages users and administrators to review Adobe Security Bulletin APSB13-05 and apply any necessary updates to help mitigate the risk. This product is provided subject to this Notification and this Privacy & Use policy.
Categories: Alertas

Adobe Releases Security Update for Adobe Shockwave Player

Wed, 02/13/2013 - 15:18
Adobe has released a security update for Adobe Shockwave Player to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code. Adobe has released updates for the following versions: Adobe Shockwave Player 11.6.8.638 and earlier versions for Windows and Macintosh US-CERT encourages users and administrators to review Adobe Security Bulletin APSB13-06 and apply any necessary updates to help mitigate the risk. This product is provided subject to this Notification and this Privacy & Use policy.
Categories: Alertas

Adobe Releases Security Advisory for Adobe Flash Player

Fri, 02/08/2013 - 12:29
Adobe has released a security advisory for Adobe Flash Player to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition or take control of the affected system. Adobe has released updates for the following versions: Adobe Flash Player 11.5.502.146 and earlier version for Windows and Macintosh Adobe Flash Player 11.2.202.261 and earlier versions for Linux Adobe Flash Player 11.1.115.36 and earlier versions for Android 4.x Adobe Flash Player 11.1.111.31 and earlier versions for Android 3.x and 2.x US-CERT encourages users and administrators to review Adobe Security Bulletin APSB13-04 and apply any necessary updates to help mitigate the risk. This product is provided subject to this Notification and this Privacy & Use policy.
Categories: Alertas

Microsoft Releases February 2013 Security Bulletin

Thu, 02/07/2013 - 19:12
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, Server Software, Office, and .NET Framework as part of the Microsoft Security Bulletin summary for February 2013. These vulnerabilities could allow remote code execution, allow elevation of privilege, or cause a denial-of-service condition. US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies to determine which update should be applied. This product is provided subject to this Notification and this Privacy & Use policy.
Categories: Alertas

Microsoft Releases Advance Notification for February Security Bulletin

Thu, 02/07/2013 - 19:12
Microsoft has published a Security Bulletin Advance Notification indicating that its February release will contain eleven bulletins. These bulletins will have the severity rating of critical and important, and will be for Microsoft Windows, Internet Explorer, Server Software, and .NET Framework. These bulletins are scheduled for release on February 12, 2013. US-CERT will provide additional information as it becomes available. This product is provided subject to this Notification and this Privacy & Use policy.
Categories: Alertas

Apple Releases Security Update for OS X Server

Tue, 02/05/2013 - 18:52
Apple has released a security update for OS X Server v2.2.1 for OS X Mountain Lion v10.8 or later to address multiple vulnerabilities. These vulnerabilities may allow a remote attacker to execute arbitrary code. US-CERT encourages users and administrators to review Apple Support Article HT5644 and follow best-practice security policies to determine if their organization is affected and the appropriate response. This product is provided subject to this Notification and this Privacy & Use policy.
Categories: Alertas

Oracle Releases Out-of-Band Patch to Address Java 7 Vulnerabilities

Fri, 02/01/2013 - 19:23
Oracle has released an out-of-band patch to address multiple vulnerabilities in the Java Runtime Environment (JRE) 7 Update 11 and earlier. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies to determine which updates should be applied. See Vulnerability Note VU#858729 for more information. This product is provided subject to this Notification and this Privacy & Use policy.
Categories: Alertas

Apple Releases iOS 6.1

Wed, 01/30/2013 - 12:38
Apple has released iOS 6.1 for the iPhone 3 GS and later, iPod touch 4th generation and later, and iPad 2 and later to address multiple vulnerabilities. These vulnerabilities may allow an attacker to operate with elevated privileges or execute arbitrary code. US-CERT encourages users and administrators to review Apple Support Article HT5642 and follow best-practice security policies to determine which updates should be applied. This product is provided subject to this Notification and this Privacy & Use policy.
Categories: Alertas

CERT Releases UPnP Security Advisory

Tue, 01/29/2013 - 19:46
Multiple vulnerabilities have been announced in libupnp, the open source portable SDK for UPnP devices. Libupnp is employed by hundreds of vendors for UPnP-enabled devices. Information is also available in CERT Vulnerability Note VU#922681. US-CERT recommends that affected UPnP device vendors and developers obtain and employ libupnp version 1.6.18, which addresses these vulnerabilities. US-CERT recommends that users and administrators review CERT Vulnerability Note VU#922681, disable UPnP (if possible), and restrict access to SSDP (1900/udp) and Simple Object Access Protocol (SOAP) services from untrusted networks such as the Internet. This product is provided subject to this Notification and this Privacy & Use policy.
Categories: Alertas