The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

RSS feed for current activities

Citrix Releases Security Updates for Virtual Apps and Desktops

Citrix has released security updates to address a vulnerability in multiple versions of Virtual Apps and Desktops. An attacker could exploit this vulnerability to take control of an affected system.

CISA encourages users and administrators to review Citrix Security Update CTX319750 and apply the necessary updates.

SAP Releases July 2021 Security Updates

SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.  

CISA encourages users and administrators to review the SAP Security Notes for July 2021 and apply the necessary updates.

CISA Issues Emergency Directive on Microsoft Windows Print Spooler

CISA has issued Emergency Directive (ED) 21-04: Mitigate Windows Print Spooler Service Vulnerability addressing CVE-2021-34527. Attackers can exploit this vulnerability to remotely execute code with system level privileges enabling a threat actor to quickly compromise the entire identity infrastructure of a targeted organization.  

Microsoft Releases July 2021 Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker can exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review Microsoft’s July 2021 Security Update Summary and Deployment Information and apply the necessary updates.

VMware Releases Security Update

VMware has released a security update to address a vulnerability in VMware ESXi and VMware Cloud Foundation. An attacker could exploit this vulnerability to take control of an affected system.

CISA encourages users and administrators to review VMware Security Advisory VMSA-2021-0014 and apply the necessary update.

Kaseya Ransomware Attack: Guidance and Resources

CISA has created a webpage to provide information and guidance for the recent ransomware attack against Kaseya customers that include managed service providers (MSPs) and customers of those MSPs.

CISA encourages affected organizations to review Kaseya Ransomware Attack: Guidance for Affected MSPs and their Customers for more information.