U.S. Flag Official website of the Department of Homeland Security
TLP:WHITE

Announcements

The following announcements highlight recent cybersecurity news including alerts, threats, vulnerabilities, and malicious activity. They also include up-to-date information on available updates and patches for your operating systems.

Published Oct 11, 2018
On October 11, 2018, NCCIC, in collaboration with the Australian Cyber Security Centre, the Canadian Centre for Cyber Security, the New Zealand National Cyber Security Centre, and the United Kingdom National Cyber Security Centre, released a joint Activity Alert that highlights five publicly available tools frequently observed in cyber incidents worldwide. For more information, visit https://www.us-cert.gov/ncas/alerts/AA18-284A.
Published Oct 03, 2018
On October 3, 2018, the National Cybersecurity and Communications Integration Center (NCCIC) released reporting on advanced persistent threat (APT) actors actively exploiting trust relationships in information technology (IT) service provider networks around the world. For more information, visit https://www.us-cert.gov/APTs-Targeting-IT-Service-Provider-Customers.
Published Oct 02, 2018
On October 2, 2018, the Department of Homeland Security, the Department of the Treasury, and the Federal Bureau of Investigation identified malware and other indicators of compromise used by the North Korean government in an ATM cash-out scheme—referred to by the U.S. Government as “FASTCash.” The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information on HIDDEN COBRA activity, visit https://www.us-cert.gov/hiddencobra.
Published Sep 18, 2018
NCCIC will conduct a series of webinars on Protecting Enterprise Network Infrastructure Devices. Each webinar will be held from 1-2:30 p.m. ET on September 24, September 27, October 2, and October 4. To register or for more information, visit https://www.us-cert.gov/ccubedvp/events.
Published Aug 09, 2018
On August 9, 2018, the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) identified a Trojan malware variant—referred to as KEYMARBLE—used by the North Korean government. The U.S. Government refers to the malicious cyber activity by the North Korean government as HIDDEN COBRA.For more information, visit https://www.us-cert.gov/HiddenCobra.
Published Jun 14, 2018
On June 14, 2018, the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) identified Trojan malware variants—referred to as TYPEFRAME—used by the North Korean government. The U.S. Government refers to the malicious cyber activity by the North Korean government as HIDDEN COBRA.For more information, visit https://www.us-cert.gov/HiddenCobra.
Published May 29, 2018
On May 29, 2018, the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) identified two families of malware—referred to as Joanap and Brambul—used by the North Korean government. The U.S. Government refers to the malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information, visit https://www.us-cert.gov/HiddenCobra.
Published Apr 16, 2018
On April 16, 2018, the Department of Homeland Security (DHS), Federal Bureau of Investigation (FBI), and the United Kingdom's (UK) National Cyber Security Centre (NCSC) released a joint Technical Alert (TA) about malicious cyber activity carried out by the Russian Government. The targets of this malicious cyber activity are primarily government and private-sector organizations, critical infrastructure owners and operators, and the Internet Service Providers (ISPs) supporting these sectors. DHS, FBI, and NCSC produced this alert to educate network defenders to enhance their ability to identify and reduce exposure to malicious activity. For more information, visit https://www.us-cert.gov/ncas/alerts/TA18-106A. 
Published Apr 09, 2018
Ransomware, a type of malicious software that infects and restricts access to a computer until a ransom is paid, remains a serious threat to business and individual networks and devices. It is frequently delivered through phishing emails and exploits unpatched vulnerabilities in software. The names of individual ransomware may vary (e.g., WannaCry, NotPetya, etc.), but NCCIC's best practices and guidance remain the same, including creating system back-ups, being wary of opening emails and attachments from unknown or unverified senders, and ensuring that systems are updated with the latest patches. For more information, visit NCCIC's Ransomware page.
Published Apr 02, 2018
Throughout 2017, the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) realigned its organizational structure and integrated like functions previously performed independently by the United States Computer Emergency Readiness Team (US-CERT) and the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT).  This new alignment combines intersecting roles from these legacy organizations to enhance the effectiveness of NCCIC’s cybersecurity and communications mission.
Back to Top