U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Vulnerabilities Identified in Network Time Protocol Daemon (ntpd)

The Network Time Foundation's NTP Project has released an update addressing multiple vulnerabilities in ntpd. Exploitation of these vulnerabilities may allow an attacker to conduct a man-in-the-middle attack or cause a denial of service condition.

Users and administrators are encouraged to review Vulnerability Note VU#374268 for more information and update to NTP 4.2.8p2 if necessary.

IC3 Issues Alert for Fake Government Websites

The Internet Crime Complaint Center (IC3) has released an alert that warns consumers of fraudulent government-services websites that mimic legitimate ones.  Scam operators lure consumers to these fraudulent websites in order to steal their personal identifiable information (PII) and collect fees for services that are never delivered.

US-CERT encourages users to review the IC3 Alert for details and refer to the US-CERT Tip ST04-014 for information on social engineering and phishing attacks.

IC3 Releases Alert on Web Site Defacements

The Internet Crime Complaint Center (IC3) has issued an alert addressing recently perpetrated Web site defacements. The defacements advertise themselves as associated with the Islamic State in the Levant (ISIL) a.k.a. Islamic State of Iraq and al-Shams (ISIS). However, FBI assesses that the perpetrators are not actually associated with this group. The perpetrators exploit WordPress content management system (CMS) vulnerabilities, leading to disruptive and costly effects.

Users and administrators are encouraged to review the IC3 Alert for details and refer to the US-CERT Alert TA13-024A for information on CMS security.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top