The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

El Paso and Dayton Tragedy-Related Scams and Malware Campaigns

In the wake of the recent shootings in El Paso, TX, and Dayton, OH, the Cybersecurity and Infrastructure Security Agency (CISA) advises users to watch out for possible malicious cyber activity seeking to capitalize on these tragic events. Users should exercise caution in handling emails related to the shootings, even if they appear to originate from trusted sources. Fraudulent emails often contain links or attachments that direct users to phishing or malware-infected websites. Emails requesting donations from duplicitous charitable organizations are also common after tragic events.

VMware Releases Security Updates for Multiple Products

VMware has released a security advisory to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisory VMSA-2019-0012 and apply the necessary updates and workarounds.

Cylance Antivirus Vulnerability

The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting Cylance Antivirus products. A remote attacker could bypass Cylance antivirus detection.

IRS Reminds Tax Professionals: Beware Phishing Emails

The Internal Revenue Service (IRS) has issued a news release warning tax professionals of the continued threat of phishing emails. Phishing emails are one of the most common ways cyber criminals steal sensitive data. Educating personnel on the risks posed by phishing emails is part of the Taxes. Security. Together. Checklist, which IRS created to help tax professionals protect sensitive taxpayer data.

NIST Publishes Multifactor Authentication Practice Guide

The National Institute of Standards and Technology (NIST) National Cybersecurity Center of Excellence (NCCoE) has published NIST Cybersecurity Practice Guide: Multifactor Authentication for E-Commerce. The guide provides e-commerce organizations multifactor authentication (MFA) protection methods they can implement to reduce fraudulent purchases.

FTC Releases Alert on the Capital One Data Breach

The Federal Trade Commission (FTC) has released an alert on the Capital One data breach that exposed the personal information of 106 million Capital One credit card customers and applicants. FTC reminds users to check and monitor their credit report to protect against identify theft and to be aware of potential phishing scams related to the breach.

This product is provided subject to this Notification and this Privacy & Use policy.

Technical Documents

Featured Articles

Related Resources