US-CERT | United States Computer Emergency Readiness Team

The National Cybersecurity and Communications Integration Center (NCCIC) is the Nation’s flagship cyber defense, incident response, and operational integration center. Our mission is to reduce the Nation’s risk of systemic cybersecurity and communications challenges.

Contact Us

(888) 282-0870

Send us email

Download PGP/GPG keys

Incidents, Indicators, Phishing, Malware, or Vulnerabilities

Current Activity

View Current Activity Feed

Drupal Releases Security Updates

Published Wednesday, April 17, 2019

Drupal has released security updates to address multiple vulnerabilities in Drupal Core. A remote attacker could exploit some of these vulnerabilities to take control of an affected website.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Drupal’s security advisories SA-CORE-2019-005 and SA-CORE-2019-006 and apply the necessary updates.

Read Full Entry »

Cisco Releases Security Updates

Published Wednesday, April 17, 2019

Cisco has released a security update to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco Security Advisory page and apply the necessary updates.

Read Full Entry »

ICSJWG Spring Meeting April 23–25

Published Wednesday, April 17, 2019

The Industrial Control Systems Joint Working Group (ICSJWG)—a collaborative and coordinating body operating under the Critical Infrastructure Partnership Advisory Council framework—will hold the 2019 ICSJWG Spring Meeting in Kansas City, MO, April 23–25, 2019. ICSJWG facilitates information sharing to reduce the risk to the Nation’s industrial control systems.

Read Full Entry »

Multiple Vulnerabilities in Broadcom WiFi Chipset Drivers

Published Wednesday, April 17, 2019

The CERT Coordination Center (CERT/CC) has released information on multiple vulnerabilities in Broadcom Wi-Fi chipset drivers. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the CERT/CC Vulnerability Note VU#166939 for more information and refer to vendors for appropriate updates, when available.

Read Full Entry »

Announcements

HIDDEN COBRA - North Korean Malicious Cyber Activity

On April 10, 2019, the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) identified a Trojan malware variant—referred to as HOPLIGHT—used by the North Korean government. The U.S. Government refers to the malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information, visit https://www.us-cert.gov/HiddenCobra.
CISA Awareness Briefing on Chinese Malicious Cyber Activity

The Cybersecurity and Infrastructure Security Agency (CISA) will conduct virtual awareness briefings from 1–2 p.m. on February 6 and February 22 about Chinese malicious cyber activity targeting managed service providers (MSPs). To register, or for more information, visit https://www.us-cert.gov/ccubedvp/events.
SamSam Ransomware

On December 3, 2018, the Department of Homeland Security and the Federal Bureau of Investigation released a joint Activity Alert on cyber threat actors using SamSam ransomware—also known as MSIL/SAMAS.A—to target industries in the United States and worldwide. For more information, visit https://www.us-cert.gov/ncas/alerts/AA18-337A.