The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
After a natural disaster phishing emails and websites requesting donations for bogus charitable organizations begin to appear. Users should be aware of potential email scams and phishing attacks regarding the recent Philippines Typhoon disaster. Email scams may contain links or attachments which may direct users to phishing or malware-laden websites.
US-CERT encourages users to take the following measures to protect themselves:
Microsoft has issued a Security Bulletin Advance Notification indicating that its November 2013 release will contain eight bulletins. These bulletins will have the severity rating of critical and important and will be for Microsoft Windows, Internet Explorer, and Microsoft Office. These bulletins are scheduled for release on November 12, 2013.
US-CERT will provide more information as it becomes available.
Cisco has released three security advisories to address multiple vulnerabilities in several separate products. These vulnerabilities may allow a remote attacker to execute arbitrary code, operate with elevated privilege, or cause a denial-of-service condition.
US-CERT encourages users and administrators to review the following Cisco security advisories and follow best practice security policies to determine if their organization is affected and the appropriate response.