Skip to main content
United States Flag

Official website of the Department of Homeland Security

US Department of Homeland Security CISA Cyber + Infrastructure
US Department of Homeland Security CISA Cyber + Infrastructure

CertMain Menu

  • About Us
  • Alerts and Tips
  • Resources
  • Industrial Control Systems
  • Report
US Department of Homeland Security CISA Cyber + Infrastructure
TLP:WHITE
TLP:WHITE
Coronavirus (COVID-19) - Learn More
Ransomware Guidance
Chinese Malicous Cyber Activity
Hidden Cobra: North Korean Malicious Cyber Activity - CISA Issues 7 new MARs
Grizzly Steppe Russian Malicous Cyber Activity
Coronavirus (COVID-19) - Learn More
Ransomware Guidance
Chinese Malicous Cyber Activity
Hidden Cobra: North Korean Malicious Cyber Activity - CISA Releases 7 new MARs
Grizzly Steppe Russian Malicous Cyber Activitiy

Current Activity

Current Activity Icon
Wednesday, March 25, 2020

Apple Releases Security Updates

Current Activity Icon
Wednesday, March 25, 2020

Adobe Releases Security Update for Creative Cloud Desktop Application

Current Activity Icon
Monday, March 23, 2020

Microsoft RCE Vulnerabilities Affecting Windows, Windows Server

Current Activity Icon
Thursday, March 19, 2020

Drupal Releases Security Updates

Report Incidents
Report Incidents
Report Phishing
Report Phishing
Report Malware
Report Malware
Report Vulnerabilities
Report Vulnerabilities
Share Indicators
Share Indicators
Contact US-CERT
Contact US-CERT

Recent Vulnerabilities

3/30

3/30

VU#962085

Versiant LYNX Customer Service Portal is vulnerable to stored cross-site scripting

3/30

3/30

VU#944837

Vertiv Avocent UMG-4000 vulnerable to command injection and cross-site scripting vulnerabilities

3/24

3/24

VU#354840

Microsoft Windows Type 1 font parsing remote code execution vulnerabilities

3/23

3/23

VU#872016

Microsoft SMBv3 compression remote code execution vulnerability

3/23

3/23

VU#782301

pppd vulnerable to buffer overflow due to a flaw in EAP packet processing

3/20

3/20

VU#425163

Machine learning classifiers trained via gradient descent are vulnerable to arbitrary misclassification attack

Other Resources: National Vulnerability Database

National Cyber Awareness System

Current Activity Icon

Current Activity

Provides up-to-date information about high-impact security activity affecting the community at large.

Alerts Icons

Alerts

Timely information about current security issues, vulnerabilities, and exploits.

Bulletins Icon

Bulletins

Weekly summaries of new vulnerabilities along with patch information.

Analysis Reports Icon

Analysis Reports

Provide in-depth analysis on a new or evolving cyber threat.

Announcements

North Korean Malicious Cyber Activity

On February 14, 2020, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD), released six new Malware Analysis Reports (MARs) and an updated MAR on malware used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information, visit https://www.us-cert.gov/northkorea.

HIDDEN COBRA – North Korean Malicious Cyber Activity

On October 31, 2019, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD) identified a Trojan malware variant—referred to as HOPLIGHT—used by the North Korean government. The U.S. Government refers to the malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information, visit https://www.us-cert.gov/HiddenCobra. 

Contact Us

phone icon(888)282-0870

email iconSend us email

lock iconDownload PGP/GPG keys

feedback iconSubmit website feedback

Subscribe to Alerts

Receive security alerts, tips, and other updates.


 
twitter icon
rss icon
Home   Site Map   FAQ   Contact Us   Traffic Light Protocol   PCII   Accountability   Disclaimer   Privacy Policy   FOIA   No Fear Act   AccessibilityPlain WritingPlug-ins   Inspector General   The White House   USA.gov
 

CISA is part of the Department of Homeland Security