The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

RSS feed for current activities

Oracle Releases October 2021 Critical Patch Update

Oracle has released its Critical Patch Update for October 2021 to address 419 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. 

CISA encourages users and administrators to review the Oracle October 2021 Critical Patch Update and apply the necessary updates. 

CISA, FBI, and NSA Release Joint Cybersecurity Advisory on BlackMatter Ransomware

CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have released joint Cybersecurity Advisory (CSA): BlackMatter Ransomware.

Apache Releases Security Advisory for Tomcat  

The Apache Software Foundation has released a security advisory to address a vulnerability in multiple versions of Tomcat. An attacker could exploit this vulnerability to cause a denial of service condition.

CISA encourages users and administrators to review Apache’s security advisory for CVE-2021-42340 and apply the necessary updates.

Ongoing Cyber Threats to U.S. Water and Wastewater Systems Sector Facilities

CISA, the Federal Bureau of Investigation (FBI), the Environmental Protection Agency (EPA), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA) that details ongoing cyber threats to U.S. Water and Wastewater Systems (WWS) Sector. This activity—which includes cyber intrusions leading to ransomware attacks—threatens the ability of WWS facilities to provide clean, potable water to, and effectively manage the wastewater of, their communities.

Juniper Networks Releases Security Updates for Multiple Products

Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.
 
CISA encourages users and administrators to review the Juniper Networks security advisories page and apply the necessary updates.

Microsoft Releases October 2021 Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review Microsoft’s October 2021 Security Update Summary and Deployment Information and apply the necessary updates.