The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

CISA Insights: Email-Based Attacks on Elections-Related Entities

The Cybersecurity and Infrastructure Security Agency (CISA) has released CISA Insights: Actions to Counter Email-Based Attacks on Elections-Related Entities in light of increased sophisticated phishing operations targeting individuals and groups involved in the upcoming U.S. elections.

ACSC Releases Annual Cyber Threat Report for 2019–2020

The Australian Cyber Security Centre (ACSC) has released its annual report on key cyber threats and statistics from 2019–2020. The report highlights that phishing and spearphishing are still the most common cyberattacks, and ransomware has become a significant threat to operations across multiple sectors.    

Adobe Releases Security Updates

Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates.

Google Releases Security Updates for Chrome

Google has released Chrome version 85.0.4183.102 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.

Microsoft Releases September 2020 Security Updates

Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

DoS and DDoS Attacks against Multiple Sectors

The Cybersecurity and Infrastructure Security Agency (CISA) is aware of open-source reporting of targeted denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks against finance and business organizations worldwide. A DoS attack is accomplished by flooding the targeted host or network with traffic until the target cannot respond or simply crashes, preventing access for legitimate users.