U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Apple Releases OS X Mavericks v10.9.2 and Security Update 2014-001

Apple has released OS X Mavericks v10.9.2 and Security Update 2014-001 to address multiple vulnerabilities for the following versions of OS X:

  • OS X Lion v10.7.5
  • OS X Lion Server v10.7.5
  • OS X Mountain Lion v10.8.5
  • OS X Mavericks v10.9 and v10.9.1

US-CERT encourages users and administrators to review Apple Support Article HT6150 and apply any necessary updates.

Apple Releases Safari 6.1.2 and Safari 7.0.2

Apple has released Safari 6.1.2 and 7.0.2 for OS X to address multiple vulnerabilities in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.

US-CERT encourages users and administrators to review Apple Support Article HT6145 and apply any necessary updates.

US Tax Season Phishing Scams and Malware Campaigns

In the past, US-CERT has received reports of an increased number of phishing scams and malware campaigns that seek to take advantage of the United States tax season. The Internal Revenue Service has issued an advisory on its website warning consumers about potential scams. Tax season phishing campaigns may include, but are not limited to:

  • Information that refers to a tax refund,
  • Warnings about unreported or under-reported income,
  • Offers to assist in filing for a refund, or
  • Links to counterfeit e-file websites.

These messages, which can appear to be from the IRS, may ask users to submit personal information via email, or include links to sites that request personal information or host malicious code.

To protect themselves against these types of phishing scams and malware campaigns, users and administrators are encouraged to take the following measures:

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top