US-CERT | United States Computer Emergency Readiness Team

The National Cybersecurity and Communications Integration Center (NCCIC) is the Nation’s flagship cyber defense, incident response, and operational integration center. Our mission is to reduce the Nation’s risk of systemic cybersecurity and communications challenges.

Contact Us

(888) 282-0870

Send us email

Download PGP/GPG keys

Incidents, Indicators, Phishing, Malware, or Vulnerabilities

Current Activity

View Current Activity Feed

The Federal Trade Commission (FTC) has released an announcement promoting Privacy Awareness Week (PAW). PAW is an annual event fostering awareness of privacy issues and the importance of protecting personal information. This year’s theme, “Protecting Privacy is Everyone’s Responsibility,” focuses on promoting privacy awareness for consumers and businesses.

Read Full Entry »

Mozilla Releases Security Updates for Firefox, Thunderbird

Published Tuesday, May 21, 2019

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.

Read Full Entry »

Staying Cyber Safe During Memorial Day

Published Monday, May 20, 2019

As Memorial Day approaches, the Cybersecurity and Infrastructure Security Agency (CISA) reminds users to stay cyber safe. Users should be cautious of potential scams, such as unsolicited emails that contain malicious links or attachments with malware. Users should also be aware of the risks associated with online shopping and traveling with mobile devices.

CISA recommends users review the following tips for information on how to guard against these risks:

Read Full Entry »

Microsoft Releases Security Updates to Address Remote Code Execution Vulnerability

Published Thursday, May 16, 2019

Microsoft has released security updates to address a remote code execution vulnerability in the following in-support and out-of-support operating systems:

In-support systems: Windows 7, Windows Server 2008 R2, and Windows Server 2008
Out-of-support systems: Windows 2003 and Windows XP

A remote attacker could exploit this vulnerability to take control of an affected system.

Read Full Entry »

Announcements

Best Practices for Securing Election Systems

On May 21, 2019, the Cybersecurity and Infrastructure Security Agency (CISA) released Best Practices for Securing Election Systems to aid election organizations in hardening enterprise networks and strengthening election infrastructure, at little or no cost.
HIDDEN COBRA – North Korean Malicious Cyber Activity

On May 9, 2019, the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) identified a malware variant—referred to as ELECTRICFISH—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information, visit https://www.us-cert.gov/HiddenCobra.
HIDDEN COBRA - North Korean Malicious Cyber Activity

On April 10, 2019, the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) identified a Trojan malware variant—referred to as HOPLIGHT—used by the North Korean government. The U.S. Government refers to the malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information, visit https://www.us-cert.gov/HiddenCobra.