Official website of the Department of Homeland Security
US-CERT strives for a safer, stronger Internet for all Americans by responding to major incidents, analyzing threats, and exchanging critical cybersecurity information with trusted partners around the world.
Security alerts, tips, and other updates
Contact Us
(888) 282-0870
Send us email
Download PGP/GPG keysIncidents, Phishing, Malware, or Vulnerabilities
GnuTLS Releases Security Update
GnuTLS has released security updates to address a vulnerability affecting certificate verification functions. An attacker could use a specially crafted X509 certificate to bypass validation checks, impersonate legitimate web sites or services, and perform man-in-the-middle attacks.
Many Linux distributions and other software which use GnuTLS are affected.
Updates available include:
Google Releases Update for Chrome
Google has released Google Chrome 33.0.1750.146 for Windows, Mac, and Linux to address multiple vulnerabilities, some of which could allow a remote, unauthenticated attacker to compromise a vulnerable system.
US-CERT encourages users and administrators to review the Google Chrome Release blog entry and apply the update.
Apple Releases QuickTime 7.7.5
Apple has released QuickTime 7.7.5 for Windows operating systems to address multiple vulnerabilities, which may lead to an unexpected application termination or arbitrary code execution.
US-CERT encourages users and administrators to review Apple Support Article HT6151 and apply any necessary updates.
Alerts
Timely information about current security issues, vulnerabilities, and exploits.
Bulletins
Weekly summaries of new vulnerabilities along with patch information when available.
Tips
Advice and best practices about common security issues for the general public.
Technical Documents
In-depth articles that provide advice and summarize a variety of internet security topics.
- Jan 29 DDoS Quick Guide
- Apr 02 South Korean Malware Attack
- Mar 07 Common Risks of Using Business Apps in the Cloud