The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Cisco Releases Security Updates

Cisco has released security updates to address multiple vulnerabilities in Data Center Network Manager (DCNM). A remote attacker could exploit these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities see the Cisco Security Advisories webpage.
 
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco advisories and apply the necessary updates:

Release of New CISA Insights on Increased Geopolitical Tensions and Threats

Stakeholders,
 
Today, the Cybersecurity and Infrastructure Security Agency (CISA) issued a CISA Insights document entitled, “Increased Geopolitical Tensions and Threats” pertaining to the increased tension with Iran. You can read the new CISA Insights at CISA.gov/insights.
 

DHS Releases NTAS Bulletin

Today, Acting Secretary of Homeland Security Chad Wolf reissued the NTAS bulletin pertaining to the terror threat to the U.S. homeland. Upfront, you should know that: “At this time there is no specific, credible threat against the homeland.” You can read the new, entire bulletin at National Terrorism Advisory System Bulletin - January 4, 2020.
 

Secure New Internet-Connected Devices

During the holidays, internet-connected devices—also known as Internet of Things (IoT) devices—are popular gifts. These include smart cameras, smart TVs, watches, toys, phones, and tablets. Although this technology provides added convenience to our lives, it often requires that we share personal and financial information over the internet. The security of this information, and the security of these devices, is not guaranteed. For example, vendors often store personal information in databases, which may be vulnerable to cyberattacks or unintentionally exposed to the internet.

Reminder: CISA Publishes Weekly Vulnerability Summaries

Did you know that the Cybersecurity and Infrastructure Security Agency (CISA) publishes a weekly Vulnerability Bulletin? This recurring item provides a summary of all new vulnerabilities that have been recorded by the CISA-sponsored National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) within the past week. Patch information is provided when available.

Drupal Releases Security Updates

Drupal has released security updates to address vulnerabilities in Drupal 7.x, 8.7.x, and 8.8.x. An attacker could exploit some of these vulnerabilities to modify data on an affected website.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Drupal Security Advisories and apply the necessary updates:

This product is provided subject to this Notification and this Privacy & Use policy.