U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Mozilla Releases Firefox 9 and 3.6.25

The Mozilla Foundation has released Firefox 9 and Firefox 3.6.25 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or perform a cross-site scripting attack.

US-CERT encourages users and administrators to review the Mozilla Foundation Security Advisories for Firefox 9 and Firefox 3.6.25 and apply any necessary updates to help mitigate the risk.

USAA Phishing Scam and Malware Campaign

US-CERT is aware of public reports of an active spear-phishing attack via email messages directed at United Services Automobile Association (USAA) members. These messages contain the subject line "Deposit Posted" and contain a randomly generated four-digit number placed in the USAA security zone section. The messages ask users to open an attached file containing malicious software that if activated could provide access to a user's personal information.

US-CERT encourages users to do the following to help mitigate the risk:

Personal Device Security During the Holiday Season

As the winter holiday travel season begins, US-CERT would like to remind users to be mindful of the security risks associated with portable devices such as smart phones, tablets, and laptops.

US-CERT would like to encourage users to review the following US-CERT Cyber Security Tips. Following the security practices suggested in each tip will help to keep your portable devices secure during the holiday season and throughout the year.

  • Cyber Security Tip ST11-001: Holiday Traveling with Personal Internet-Enabled Devices
  • Cyber Security Tip ST05-017: Cybersecurity for Electronic Devices
  • Cyber Security Tip ST04-017: Protecting Portable Devices: Physical Security

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top