US-CERT | United States Computer Emergency Readiness Team

The National Cybersecurity and Communications Integration Center (NCCIC) is the Nation’s flagship cyber defense, incident response, and operational integration center. Our mission is to reduce the Nation’s risk of systemic cybersecurity and communications challenges.

Contact Us

(888) 282-0870

Send us email

Download PGP/GPG keys

Incidents, Indicators, Phishing, Malware, or Vulnerabilities

Current Activity

View Current Activity Feed

Apple Releases Multiple Security Updates

Published Monday, March 25, 2019

Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates:

Read Full Entry »

Mozilla Releases Security Update for Thunderbird

Published Monday, March 25, 2019

Mozilla has released a security update to address vulnerabilities in Thunderbird. An attacker could exploit these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 60.6.1 and apply the necessary update.

Read Full Entry »

Mozilla Releases Security Updates for Firefox

Published Friday, March 22, 2019

Mozilla has released security updates to address vulnerabilities in Firefox. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisories for Firefox ESR 60.6.1 and Firefox 66.0.1 and apply the necessary updates.

Read Full Entry »

Drupal Releases Security Updates

Published Wednesday, March 20, 2019

Drupal has released security updates to address a vulnerability in Drupal Core. A remote attacker could exploit this vulnerability to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Drupal Security Advisory and apply the necessary updates.

Read Full Entry »

Announcements

CISA Awareness Briefing on Chinese Malicious Cyber Activity

The Cybersecurity and Infrastructure Security Agency (CISA) will conduct virtual awareness briefings from 1–2 p.m. on February 6 and February 22 about Chinese malicious cyber activity targeting managed service providers (MSPs). To register, or for more information, visit https://www.us-cert.gov/ccubedvp/events.
SamSam Ransomware

On December 3, 2018, the Department of Homeland Security and the Federal Bureau of Investigation released a joint Activity Alert on cyber threat actors using SamSam ransomware—also known as MSIL/SAMAS.A—to target industries in the United States and worldwide. For more information, visit https://www.us-cert.gov/ncas/alerts/AA18-337A.
3ve – Fraudulent Online Advertising

On November 27, 2018, the Department of Homeland Security and the Federal Bureau of Investigation identified a major online ad fraud operation—referred to by the U.S. Government as "3ve." For more information on 3ve, visit https://www.us-cert.gov/ncas/alerts/TA18-331A.