The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

RSS feed for current activities

Samba Releases Security Updates

The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the Samba Security Announcements for CVE-2020-27840 and CVE-2021-20277 and apply the necessary updates and workarounds.

Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the Cisco Security Advisories page and apply the necessary updates. 

Webshells Observed in Post-Compromised Exchange Servers  

CISA has added two new Malware Analysis Reports (MARs) to Alert AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities. Each new MAR (AR21-084A and AR21-084B) identifies a webshell observed in post-compromised Microsoft Exchange Servers.

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.  

CISA encourages users and administrators to review the Mozilla security advisories for Firefox 87, Firefox ESR 78.9, and Thunderbird 78.9.

Adobe Releases Security Updates for ColdFusion

Adobe has released security updates to address a vulnerability affecting ColdFusion. An attacker could exploit this vulnerability to take control of an affected system.

CISA encourages users and administrators to review Adobe Security Bulletin APSB21-16 and apply the necessary updates.

Cisco Releases Security Updates

Cisco has released security updates to address a vulnerability in Cisco Small Business routers. A remote attacker could exploit this vulnerability to take control of an affected system.

CISA encourages users and administrators to review Cisco Advisory cisco-sa-rv-132w134w-overflow-Pptt4H2p and apply the necessary updates.