The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

RSS feed for current activities

SAP Releases September 2021 Security Updates 

SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the SAP Security Notes for September 2021 and apply the necessary updates.

Microsoft Releases September 2021 Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker can exploit some of these vulnerabilities to take control of an affected system.  

CISA encourages users and administrators to review Microsoft’s September 2021 Security Update Summary and Deployment Information and apply the necessary updates.

Google Releases Security Updates for Chrome

Google has released Chrome version 93.0.4577.82 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates.

CERT NZ Releases Ransomware Protection Guide for Businesses

The New Zealand Computer Emergency Response Team (CERT NZ) has released a guide on ransomware protection for businesses. The guide includes a pair of helpful diagrams that outline different ransomware attack pathways and illustrate where relevant security controls can work to protect or stop an attack.  

Apple Releases Security Updates to Address CVE-2021-30858 and CVE-2021-30860

Apple has released security updates to address vulnerabilities—CVE-2021-30858 and CVE-2021-30860—in multiple products.  An attacker could exploit these vulnerabilities to take control of an affected device. CISA is aware of public reporting that these vulnerabilities may have been exploited in the wild.

CISA encourages users and administrators to review the security update pages for the following products and apply the necessary updates.

CISA's Annual National Cybersecurity Summit

CISA will host its fourth annual National Cybersecurity Summit on Wednesdays during the month of October. The 2021 Summit will be held as a series of four virtual events bringing stakeholders together in a forum for meaningful conversation: