U.S. Flag Official website of the Department of Homeland Security
TLP:WHITE

Announcements

The following announcements highlight recent cybersecurity news including alerts, threats, vulnerabilities, and malicious activity. They also include up-to-date information on available updates and patches for your operating systems.

Published Dec 20, 2018
On December 20, 2018, the U.S. Government announced that a group of Chinese cyber actors associated with the Chinese government have carried out a campaign of cyber-enabled theft targeting global information technology (IT) service providers and their customers. Over the past four years, these actors have gained access to multiple U.S. and global IT service providers and their customers. For more information related to this activity, go to https://www.us-cert.gov/china.
Published Dec 03, 2018
On December 3, 2018, the Department of Homeland Security and the Federal Bureau of Investigation released a joint Activity Alert on cyber threat actors using SamSam ransomware—also known as MSIL/SAMAS.A—to target industries in the United States and worldwide. For more information, visit https://www.us-cert.gov/ncas/alerts/AA18-337A.
Published Nov 27, 2018
On November 27, 2018, the Department of Homeland Security and the Federal Bureau of Investigation identified a major online ad fraud operation—referred to by the U.S. Government as "3ve." For more information on 3ve, visit https://www.us-cert.gov/ncas/alerts/TA18-331A.
Published Oct 11, 2018
On October 11, 2018, NCCIC, in collaboration with the Australian Cyber Security Centre, the Canadian Centre for Cyber Security, the New Zealand National Cyber Security Centre, and the United Kingdom National Cyber Security Centre, released a joint Activity Alert that highlights five publicly available tools frequently observed in cyber incidents worldwide. For more information, visit https://www.us-cert.gov/ncas/alerts/AA18-284A.
Published Oct 03, 2018
On October 3, 2018, the National Cybersecurity and Communications Integration Center (NCCIC) released reporting on advanced persistent threat (APT) actors actively exploiting trust relationships in information technology (IT) service provider networks around the world. For more information, visit https://www.us-cert.gov/APTs-Targeting-IT-Service-Provider-Customers.
Published Oct 02, 2018
On October 2, 2018, the Department of Homeland Security, the Department of the Treasury, and the Federal Bureau of Investigation identified malware and other indicators of compromise used by the North Korean government in an ATM cash-out scheme—referred to by the U.S. Government as “FASTCash.” The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information on HIDDEN COBRA activity, visit https://www.us-cert.gov/hiddencobra.
Published Sep 18, 2018
NCCIC will conduct a series of webinars on Protecting Enterprise Network Infrastructure Devices. Each webinar will be held from 1-2:30 p.m. ET on September 24, September 27, October 2, and October 4. To register or for more information, visit https://www.us-cert.gov/ccubedvp/events.
Published Aug 09, 2018
On August 9, 2018, the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) identified a Trojan malware variant—referred to as KEYMARBLE—used by the North Korean government. The U.S. Government refers to the malicious cyber activity by the North Korean government as HIDDEN COBRA.For more information, visit https://www.us-cert.gov/HiddenCobra.
Published Jun 14, 2018
On June 14, 2018, the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) identified Trojan malware variants—referred to as TYPEFRAME—used by the North Korean government. The U.S. Government refers to the malicious cyber activity by the North Korean government as HIDDEN COBRA.For more information, visit https://www.us-cert.gov/HiddenCobra.
Published May 29, 2018
On May 29, 2018, the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) identified two families of malware—referred to as Joanap and Brambul—used by the North Korean government. The U.S. Government refers to the malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information, visit https://www.us-cert.gov/HiddenCobra.
Back to Top