US-CERT Current Activity
FBI Releases Article on Building a Digital Defense with Credit Reports
Original release date: May 23, 2018

FBI has released an article on using credit reports to build a digital defense against identify theft. FBI explains how identity theft can deal a devastating blow to consumers' credit history. However, regularly checking the accuracy of credit reports can help consumers minimize risk.

NCCIC encourages consumers to review the FBI Article and NCCIC's Tip on Preventing and Responding to Identity Theft.


This product is provided subject to this Notification and this Privacy & Use policy.


23-05-2018
VPNFilter Destructive Malware
Original release date: May 23, 2018

NCCIC is aware of a sophisticated modular malware system known as VPNFilter. Devices known to be affected by VPNFilter include Linksys, MikroTik, NETGEAR, and TP-Link networking equipment, as well as QNAP network-attached storage (NAS) devices. Devices compromised by VPNFilter may be vulnerable to the collection of network traffic (including website credentials), as well as the monitoring of Modbus supervisory control and data acquisition (SCADA) protocols.

VPNFilter has a destructive capability that can make the affected device unusable. Because the malware can be triggered to affect devices individually or multiple devices at once, VPNFilter has the potential to cut off internet access for hundreds of thousands of users.

NCCIC encourages users and administrators to review the Cisco blog post on VPNFilter and NCCIC's Tip on Home Network Security for recommendations and to ensure that their devices are updated with the latest patches. NCCIC will provide updated information as it becomes available.


This product is provided subject to this Notification and this Privacy & Use policy.


23-05-2018
Tragedy-Related Scams
Original release date: May 21, 2018

In the wake of the recent Texas school shooting, NCCIC advises users to watch out for possible malicious cyber activity seeking to capitalize on this tragic event. Users should exercise caution in handling emails related to the shooting, even if they appear to originate from trusted sources. Fraudulent emails often contain links or attachments that direct users to phishing or malware-infected websites. Emails requesting donations from duplicitous charitable organizations are also common after tragic events. Be wary of fraudulent social media pleas, calls, texts, donation websites, and door-to-door solicitations relating to the event.

To avoid becoming a victim of fraudulent activity, NCCIC encourages users and administrators to review NCCIC's Tips on Using Caution With Email Attachments and Avoiding Social Engineering and Phishing Attacks as well as the Federal Trade Commission's article on Before Giving to a Charity.


This product is provided subject to this Notification and this Privacy & Use policy.


21-05-2018
Mozilla Releases Security Update for Thunderbird
Original release date: May 18, 2018

Mozilla has released a security update to address vulnerabilities in Thunderbird. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 52.8 and apply the necessary update.


This product is provided subject to this Notification and this Privacy & Use policy.


18-05-2018
ISC Releases Security Advisories for BIND
Original release date: May 18, 2018

The Internet Systems Consortium (ISC) has released updates that address vulnerabilities in versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition.

NCCIC encourages users and administrators to review ISC Knowledge Base Articles AA-01602 and AA-01606 and apply the necessary updates or workarounds.


This product is provided subject to this Notification and this Privacy & Use policy.


18-05-2018
Cisco Releases Security Updates
Original release date: May 16, 2018

Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:


This product is provided subject to this Notification and this Privacy & Use policy.


16-05-2018
FBI Releases Article on Digital Defense Against ID Theft
Original release date: May 16, 2018

FBI has released an article on building a digital defense against identify theft. FBI explains that the growing number of data breaches put more people at risk of becoming a victim of identity theft. However, implementing basic security practices can help users minimize their risk.

NCCIC encourages consumers to review the FBI Article and the following NCCIC Tips for more information:


This product is provided subject to this Notification and this Privacy & Use policy.


16-05-2018
Red Hat Addresses DHCP Client Vulnerability
Original release date: May 16, 2018

Red Hat has released security updates to address a vulnerability in its Dynamic Host Configuration Protocol (DHCP) client packages for Red Hat Enterprise Linux 6 and 7. An attacker could exploit this vulnerability to take control of an affected system.

NCCIC encourages users and administrators to review the Red Hat Security Advisory 1567974VMSA and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.


16-05-2018
VMware Releases Security Update
Original release date: May 15, 2018

VMware has released a security update to address a vulnerability in NSX SD-WAN Edge by VeloCloud. A remote attacker could exploit this vulnerability to take control of an affected system.

NCCIC encourages users and administrators to review the VMware Security Advisory VMSA-2018-0011 and apply the necessary update.


This product is provided subject to this Notification and this Privacy & Use policy.


15-05-2018
OpenPGP, S/MIME Mail Client Vulnerabilities
Original release date: May 14, 2018

The CERT Coordination Center (CERT/CC) has released information on email client vulnerabilities that can reveal plaintext versions of OpenPGP- and S/MIME-encrypted emails. A remote attacker could exploit these vulnerabilities to obtain sensitive information.

NCCIC encourages users and administrators to review CERT/CC’s Vulnerability Note VU #122919, apply the necessary mitigations, and refer to software vendors for appropriate patches, when available.


This product is provided subject to this Notification and this Privacy & Use policy.


14-05-2018