U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities in Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Content Security Management Virtual Appliance (SMAv) software. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of the affected appliance.

US-CERT encourages users and administrators to review the Cisco Security Advisory and apply the necessary updates.

Fraud Alert Issued on Business Email Compromise Scam

The Financial Services Information Sharing and Analysis Center (FS-ISAC) and federal law enforcement agencies have released a joint alert warning companies of a sophisticated wire payment scam referred to as business email compromise (BEC). Scammers use fraudulent information to trick companies into directing financial transactions into accounts scammers control.  

Users and administrators are encouraged to review the BEC Joint Report for details and refer to the US-CERT Tip ST04-014 for information on social engineering and phishing attacks.

IC3 Issues Alert on CryptoWall Ransomware

The Internet Crime Complaint Center (IC3) has issued an alert warning that U.S. individuals and businesses are still at risk of CryptoWall ransomware fraud. Scam operators use ransomware—a type of malicious software—to infect a device and restrict access until a ransom fee is paid­­. Individuals and organizations are discouraged from paying the ransom, as this does not guarantee files will be released.

US-CERT encourages users and administrators to review the IC3 Alert for details and refer to the US-CERT Alert TA-295A for information on crypto ransomware.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top