U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

OpenSSL Releases Security Updates

OpenSSL has released security updates to address vulnerabilities in previous versions. Exploitation of some of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition.

Available updates include:

  • OpenSSL 1.1.0a for 1.1.0 users
  • OpenSSL 1.0.2i for 1.0.2 users
  • OpenSSL 1.0.1u for 1.0.1 users

Users and administrators are encouraged to review the OpenSSL Security Advisory and apply the necessary updates.

FTC Releases Data Breach Recovery and Prevention Video

The Federal Trade Commission (FTC) has released a step-by-step video to users whose personal information may have been exposed in a data breach. This video provides instruction on how to report an incident and develop a personal recovery plan after a data breach has occurred.

US-CERT encourages users to review the FTC blog and US-CERT Tips on Avoiding Social Engineering and Phishing Attacks, Safeguarding Your Data, and Protecting Your Privacy for more information.

Drupal Releases Security Advisory

Drupal has released an advisory to address vulnerabilities in Drupal core 8.x versions prior to 8.1.10. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected system.

Users and administrators are encouraged to review Drupal's Security Advisory and apply the necessary update.

Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:

Mozilla Releases Security Updates

Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

Available updates include:

  • Firefox 49
  • Firefox ESR 45.4

Users and administrators are encouraged to review the Mozilla Security Advisories for Firefox and Firefox ESR and apply the necessary updates.

Apple Releases Security Updates

Apple has released security updates to address vulnerabilities in macOS Server, macOS Sierra, Safari, and iCloud for Windows. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system.

US-CERT encourages users and administrators to review the Apple security pages for macOS Server, macOS Sierra, Safari, and iCloud for Windows and apply the necessary updates.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top