US-CERT | United States Computer Emergency Readiness Team

The National Cybersecurity and Communications Integration Center (NCCIC) is the Nation’s flagship cyber defense, incident response, and operational integration center. Our mission is to reduce the Nation’s risk of systemic cybersecurity and communications challenges.

Contact Us

(888) 282-0870

Send us email

Download PGP/GPG keys

Incidents, Indicators, Phishing, Malware, or Vulnerabilities

Current Activity

View Current Activity Feed

ISC Releases Security Updates for BIND

Published Friday, February 22, 2019

The Internet Systems Consortium (ISC) has released security updates that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit one of these vulnerabilities to take control of an affected system.

Read Full Entry »

Drupal Releases Security Updates

Published Thursday, February 21, 2019

Drupal has released security updates to address a vulnerability in Drupal Core. A remote attacker could exploit this vulnerability to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Drupal’s security advisory and apply the necessary updates.

Read Full Entry »

Adobe Releases Security Updates

Published Thursday, February 21, 2019

Adobe has released security updates to address a vulnerability in Adobe Acrobat and Reader. An attacker could exploit this vulnerability to obtain sensitive information.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Adobe Security Bulletin APSB19-13 and apply the necessary updates.

Read Full Entry »

Cisco Releases Security Updates

Published Wednesday, February 20, 2019

Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco Security Advisory and apply the necessary updates.

Read Full Entry »

Announcements

CISA Awareness Briefing on Chinese Malicious Cyber Activity

The Cybersecurity and Infrastructure Security Agency (CISA) will conduct virtual awareness briefings from 1–2 p.m. on February 6 and February 22 about Chinese malicious cyber activity targeting managed service providers (MSPs). To register, or for more information, visit https://www.us-cert.gov/ccubedvp/events.
SamSam Ransomware

On December 3, 2018, the Department of Homeland Security and the Federal Bureau of Investigation released a joint Activity Alert on cyber threat actors using SamSam ransomware—also known as MSIL/SAMAS.A—to target industries in the United States and worldwide. For more information, visit https://www.us-cert.gov/ncas/alerts/AA18-337A.
3ve – Fraudulent Online Advertising

On November 27, 2018, the Department of Homeland Security and the Federal Bureau of Investigation identified a major online ad fraud operation—referred to by the U.S. Government as "3ve." For more information on 3ve, visit https://www.us-cert.gov/ncas/alerts/TA18-331A.