Homepage | CISA

Current Activity

Saturday, July 4, 2020

F5 Releases Security Advisory for BIG-IP TMUI RCE vulnerability, CVE-2020-5902

Friday, July 3, 2020

Samba Releases Security Updates

Thursday, July 2, 2020

Cisco Releases Security Updates for Multiple Products

Thursday, July 2, 2020

Mozilla Releases Security Updates for Firefox and Firefox ESR

Report Incidents

Report Phishing

Report Malware

Report Vulnerabilities

Share Indicators

Contact US-CERT

Recent Vulnerabilities

6/29

VU#339275

Universal Plug and Play (UPnP) SUBSCRIBE can be abused to send traffic to arbitrary destinations

6/26

VU#576779

Netgear httpd upgrade_check.cgi stack buffer overflow

6/25

VU#257161

Treck IP stacks contain multiple vulnerabilities

6/24

VU#636397

IP-in-IP protocol routes arbitrary traffic by default

6/15

VU#782301

pppd vulnerable to buffer overflow due to a flaw in EAP packet processing

6/4

VU#872016

Microsoft SMBv3 compression remote code execution vulnerability

National Cyber Awareness System

Current Activity

Provides up-to-date information about high-impact security activity affecting the community at large.

Alerts

Timely information about current security issues, vulnerabilities, and exploits.

Bulletins

Weekly summaries of new vulnerabilities along with patch information.

Analysis Reports

Provide in-depth analysis on a new or evolving cyber threat.

Announcements

North Korean Malicious Cyber Activity

On May 12, 2020, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD), released three new Malware Analysis Reports (MARs) on malware used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information, visit https://www.us-cert.gov/NorthKorea.

North Korean Malicious Cyber Activity

On April 15, 2020, the U.S. Departments of State, the Treasury, and Homeland Security, and the Federal Bureau of Investigation released joint guidance on North Korea’s malicious cyber activities, including recommended steps to mitigate the threat.