The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Defending Against COVID-19 Cyber Scams

The Cybersecurity and Infrastructure Security Agency (CISA) warns individuals to remain vigilant for scams related to Coronavirus Disease 2019 (COVID-19). Cyber actors may send emails with malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information or donating to fraudulent charities or causes. Exercise caution in handling any email with a COVID-19-related subject line, attachment, or hyperlink, and be wary of social media pleas, texts, or calls related to COVID-19.

NCSC Releases Advisory on Securing Internet-Connected Cameras

The United Kingdom (UK) National Cyber Security Centre (NCSC) has released an advisory on securing internet-connected cameras such as smart security cameras and baby monitors. An attacker could gain access to unsecured, or poorly secured, internet-connected cameras to obtain live feeds or images.

The following steps can help consumers secure their devices.

Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco advisories and apply the necessary updates:

Point-to-Point Protocol Daemon Vulnerability

The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting Point-to-Point Protocol Daemon versions 2.4.2 through 2.4.8. A remote attacker can exploit this vulnerability to take control of an affected system. Point-to-Point Protocol Daemon is used to establish internet links such as those over dial-up modems, DSL connections, and Virtual Private Networks.

Social Security Administration Designates March 5 as National ‘Slam the Scam’ Day

In association with the Federal Trade Commission’s National Consumer Protection Week, the Social Security Administration (SSA) has designated March 5 as National “Slam the Scam” Day to educate Americans about telephone scammers impersonating government employees. These scammers aim to gain potential victims’ trust and steal their money and personally identifiable information.  
 
The Cybersecurity and Infrastructure Security Agency (CISA) reminds consumers:

Google Releases Security Updates for Chrome

Google has released Chrome version 80.0.3987.132 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.