The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have identified two malware variants—referred to as ELECTRICFISH and BADCALL—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.
The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
The Federal Bureau of Investigation (FBI) has launched the Safe Online Surfing (SOS) Challenge, encouraging educators to promote web literacy and safety for students during the 2019-20 school year. FBI developed the program to educate children on how to navigate the web securely using activities that correspond with specific grade levels. Public, private, and home schools with at least five students are eligible to participate in the online challenge.
U.S. Cyber Command has released 11 malware samples to the malware aggregation tool and repository, VirusTotal. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review U.S. Cyber Command’s VirusTotal page to view the samples. CISA also recommends users and administrators review the CISA Tip on Protecting Against Malicious Code for best practices on protecting systems and networks against malware.
Exim has released patches to address vulnerabilities affecting Exim 4.92.1 and prior versions. A remote attacker could exploit this vulnerability to take control of an affected email server.
The Cybersecurity and Infrastructure Security Agency (CISA) has observed an increase in ransomware attacks across the Nation. Helping organizations protect themselves from ransomware is a chief priority for CISA. Organizations are encouraged to review the following resources to help prevent, mitigate, and recover against ransomware:
WordPress 5.2.2 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected website.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the WordPress Security and Maintenance Release and upgrade to WordPress 5.2.3.
Describes what cloud computing is, discusses how it can help, and outlines possible security concerns.
Recommendations for best practices to achieve system integrity through software authenticity and...
Introduces emerging threats likely to have a significant impact on mobile devices and their users.
These reports summarize general activity, including updates to the National Cyber Awareness System, for past months in addition to other newsworthy events or highlights.
Web browsers are a common method attackers use to compromise systems. Learn how to secure your web browser and better protect against exploits.
This document provides guidance and resources for recovering a computer after it has been infected with a Trojan Horse or virus including steps to prevent it from happening again.