The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

RSS feed for current activities

Google Releases Security Updates for Chrome

Google has released Chrome version 92.0.4515.107 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates.

Significant Historical Cyber-Intrusion Campaigns Targeting ICS

Protecting our Nation’s critical infrastructure is the responsibility of federal and state, local, tribal, and territorial (SLTT) governments and owners and operators of that infrastructure. The cybersecurity threats posed to the industrial control systems (ICS) that control and operate critical infrastructure are among the most significant and growing issues confronting our Nation.

Oracle Releases July 2021 Critical Patch Update

Oracle has released its Critical Patch Update for July 2021 to address 342 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the Oracle July 2021 Critical Patch Update and apply the necessary updates.

Citrix Releases Security Updates 

Citrix has released security updates to address multiple vulnerabilities in Application Delivery Controller, Gateway, and SD-WAN WANOP Edition. An attacker could exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review Citrix Security Update CTX319135 and apply the necessary updates.

Fortinet Releases Security Updates for FortiManager and FortiAnalyzer

Fortinet has released security advisory FG-IR-21-067 to address a use-after-free vulnerability in the FortiManager fgfmsd daemon. A use-after-free condition occurs when a program marks a section of memory as free but then subsequently tries to use that memory, which could result in a program crash. The use of previously freed memory in FortiManager fgfmsd daemon may allow a remote, unauthenticated attacker to execute arbitrary code as root.

U.S. Government Releases Indictment and Several Advisories Detailing Chinese Cyber Threat Activity

CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have observed increasingly sophisticated Chinese state-sponsored activity targeting U.S. political, economic, military, educational, and critical infrastructure personnel and organizations. In response: