U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

IRS Releases Tenth Security Tip

The Internal Revenue Service (IRS) has released the tenth in a series of tips intended to help the public protect personal and financial data online and at home. This tip describes steps tax preparers can take to protect sensitive information. Recommendations include conducting a full scan of all computer drives and files, making sure that tax preparers' security software updates automatically, and using robust security software that helps block malware and viruses.

Users and administrators are encouraged to review the IRS Security Awareness Tax Tip Number 10 for additional information.

Apple Releases Security Update for tvOS

Apple has released a security update for tvOS to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

US-CERT encourages users and administrators to review the Apple security update for tvOS 9.1.1 Apple TV (4th generation) and apply the necessary update.

Google Releases Security Update for Chrome

Google has released Chrome version 48.0.2564.82 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

Users and administrators are encouraged to review the Chrome Releases page and apply the necessary update.

Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities in Modular Encoding Platform D9036 software, Unified Computing System (UCS) Manager software, and Firepower 9000 Series devices. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected device.

US-CERT encourages users and administrators to review the following Cisco Security Advisories on the Modular Encoding Platform D9036 and UCS Manager and Firepower 9000 vulnerabilities and apply the necessary updates.

ISC Releases Security Updates for BIND

The Internet Systems Consortium (ISC) has released security updates to address vulnerabilities in BIND. Exploitation of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition.

Available updates include:

  • BIND 9 version 9.9.8-P3
  • BIND 9 version 9.10.3-P3
  • BIND 9 version 9.9.8-S4

Users and administrators are encouraged to review ISC Knowledge Base Articles AA-01335 and AA-01336 and apply the necessary updates.

Linux Kernel Vulnerability

US-CERT is aware of a Linux kernel vulnerability affecting Linux PCs and servers and Android-based devices. Exploitation of this vulnerability may allow an attacker to take control of an affected system.

US-CERT recommends that users and administrators review the Redhat Security Blog and the Debian Security Bug Tracker for additional details and refer to their Linux or Unix-based OS vendors for appropriate patches.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top