U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Video Game Phishing

US-CERT is aware of reports that some users on the Xbox 360 video game system are receiving potential phishing attempts through an in-game messaging service. In-game message phishing is not a Microsoft issue and has nothing to do with Xbox LIVE. Games are products of third party developers that are playable on Xbox LIVE and other gaming systems.

Microsoft has posted a service alert on the Xbox LIVE status page regarding this issue.

US-CERT encourages users to take the following measures to protect themselves from these types of phishing attacks:

Mozilla Releases Firefox updates

Mozilla has released Firefox 4.0.1, 3.6.17, and 3.5.19 to address multiple vulnerabilities. The impact of these vulnerabilities includes arbitrary code execution, privilege escalation, directory traversal, and information disclosure.

US-CERT encourages users and administrators to review the Mozilla Foundation Security Advisories for April 28, 2011 and apply any necessary updates to mitigate the risks.

Cisco Releases Security Advisory for Cisco Unified Communications Manager

Cisco has released a security advisory to address multiple vulnerabilities in Cisco Unified Communications Manager. These vulnerabilities may allow an attacker to perform SQL injection attacks, conduct directory traversal attacks, or cause a denial-of-service condition.

US-CERT encourages users and administrators to review Cisco security advisory cisco-sa-20110427-cucm and apply any necessary updates or workarounds to help mitigate the risks.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top