The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Cisco has released a security advisory to address a vulnerability in the web server component of the Cisco Internet Streamer application, which is part of the Cisco Content Delivery System. This vulnerability may allow an attacker to cause a denial-of-service condition.
US-CERT encourages users and administrators to review Cisco security advisory cisco-sa-20110525-spcdn and apply any necessary updates or workarounds to help mitigate the risks.
Apple has released a security advisory related to the recent Mac fake anti-virus software. The most common names for this fake anti-virus software are MacDefender, MacProtector, and MacSecurity. This fake anti-virus software is the result of a phishing scam targeting Mac users that redirects them from legitimate websites to fake websites. These fake websites notify the user that their computer is infected with a virus, and the user is tricked into installing the fake anti-virus software to solve the issue. The ultimate goal of the fake anti-virus software is to steal the user's credit card information.
US-CERT encourages users to perform the following preventative measures to help mitigate the risks:
Google has released Chrome 11.0.696.71 for Windows, Mac, Linux, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code.
US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and update to Chrome 11.0.696.71 to help mitigate the security risks.