U.S. Flag Official website of the Department of Homeland Security
TLP:WHITE

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Privacy Awareness Week

The Federal Trade Commission (FTC) has released an announcement promoting Privacy Awareness Week (PAW). PAW is an annual event fostering awareness of privacy issues and the importance of protecting personal information. This year’s theme, “Protecting Privacy is Everyone’s Responsibility,” focuses on promoting privacy awareness for consumers and businesses.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages consumers and organizations to review FTC’s post and consider the following practices to protect privacy and safeguard data:

Mozilla Releases Security Updates for Firefox, Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisories for Firefox 67, Firefox ESR 60.7, and Thunderbird 60.7 and apply the necessary updates.

Staying Cyber Safe During Memorial Day

As Memorial Day approaches, the Cybersecurity and Infrastructure Security Agency (CISA) reminds users to stay cyber safe. Users should be cautious of potential scams, such as unsolicited emails that contain malicious links or attachments with malware. Users should also be aware of the risks associated with online shopping and traveling with mobile devices.

CISA recommends users review the following tips for information on how to guard against these risks:

Microsoft Releases Security Updates to Address Remote Code Execution Vulnerability

Microsoft has released security updates to address a remote code execution vulnerability in the following in-support and out-of-support operating systems:

  • In-support systems: Windows 7, Windows Server 2008 R2, and Windows Server 2008
  • Out-of-support systems: Windows 2003 and Windows XP

A remote attacker could exploit this vulnerability to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Microsoft Security Advisory and Microsoft Customer Guidance for CVE-2019-0708 and apply the necessary updates.

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco Security Advisories page and apply the necessary updates.

VMware Releases Security Updates

VMware has released security updates to address vulnerabilities in vCenter Server, ESXi, Workstation, and Fusion. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisories VMSA-2019-0007 and VMSA-2019-0008 and apply the necessary updates.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top