U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

CA Releases Updates for ARCserve Backup

Published Friday, March 19, 2010

CA has released updates to address vulnerabilities in the version of Java JRE bundled with ARCserve Backup. These vulnerabilities in Java JRE may allow an attacker to execute arbitrary code, bypass security restrictions, cause a denial-of-service condition, or obtain sensitive information.

US-CERT encourages users and administrators to review the CA security notice CA20100318-01 and apply any necessary updates to help mitigate the risks.

Read Full Entry »

Zeus Trojan Campaign Warning

Published Wednesday, March 17, 2010

US-CERT is aware of public reports of malicious code circulating via spam email messages impersonating the Department of Homeland Security (DHS). The attacks arrive via unsolicited email messages that may contain subject lines related to DHS or other government activity. These messages may contain a link or attachment. If users click on this link or open the attachment, they may be infected with malicious code, including the Zeus Trojan.

US-CERT encourages users and administrators to take the following measures to protect themselves:

  • Do not follow unsolicited web links or attachments in email messages.
  • Maintain up-to-date antivirus software.
  • Refer to Cyber Security Tip ST04-014 - Avoiding Social Engineering and Phishing Attacks
  • Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
Read Full Entry »

Apple Releases Safari 4.0.5

Published Friday, March 12, 2010

Apple has released Safari 4.0.5 to address multiple vulnerabilities in ColorSync, ImageIO, PubSub, Safari, and WebKit. These vulnerabilities may allow a remote attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, or bypass security restrictions.

US-CERT encourages users and administrators to review Apple article HT4070 and upgrade to Safari 4.0.5 to help mitigate the risks.

Read Full Entry »

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top