Alerts

ICS-CERT Releases WannaCry Fact Sheet

Original release date: May 17, 2017 The Industrial Control Systems Cybersecurity Emergency Response Team (ICS-CERT) has released a short overview of the WannaCry ransomware infections. This fact sheet provides information on how the WannaCry program spreads, what users should do if they have been infected, and how to protect against similar attacks in the future. US-CERT encourages users and administrators to review the ICS-CERT Fact Sheet on WannaCry and the US-CERT Current Activity on the topic. For more technical details, …
Read More »


Joomla! Releases Security Update for CMS

Original release date: May 17, 2017 Joomla! has released version 3.7.1 of its Content Management System (CMS) software to address a vulnerability. Exploitation of this vulnerability may allow a remote attacker to take control of an affected website. Users and administrators are encouraged to review the Joomla! Security Release and US-CERT’s Alert on Content Management Systems Security and Associated Risks and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy.


WordPress Releases Security Update

Original release date: May 17, 2017 WordPress versions prior to 4.7.5 are affected by multiple vulnerabilities. A remote attacker could exploit some of these vulnerabilities to take control of an affected website. Users and administrators are encouraged to review the WordPress Security Release and upgrade to WordPress 4.7.5. This product is provided subject to this Notification and this Privacy & Use policy.


FTC Releases Alert on Fraudulent Emails

Original release date: May 16, 2017 The Federal Trade Commission (FTC) has released an alert about scammers sending out fake emails that look authentic to trick you into sending money to them. Users should be suspicious of unsolicited phone calls or email messages from individuals asking about your information. If an unknown individual claims to be from a legitimate organization, try to verify his or her identity directly with the company. US-CERT encourages users and administrators to refer to the …
Read More »


Apple Releases Security Updates

Original release date: May 15, 2017 Apple has released security updates to address vulnerabilities in multiple products. A remote attacker may exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review Apple security pages for the following products and apply the necessary updates: macOS Sierra, Security Updates iOS watchOS tvOS iCloud for Windows Safari iTunes for Windows This product is provided subject to this Notification and this Privacy & Use policy.


SB17-135: Vulnerability Summary for the Week of May 8, 2017

Original release date: May 15, 2017 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information. The vulnerabilities …
Read More »


TA17-132A: Indicators Associated With WannaCry Ransomware

Original release date: May 12, 2017 | Last revised: May 13, 2017 Systems Affected Microsoft Windows operating systems Overview According to numerous open-source reports, a widespread ransomware campaign is affecting various organizations with reports of tens of thousands of infections in as many as 74 countries, including the United States, United Kingdom, Spain, Russia, Taiwan, France, and Japan. The software can run in as many as 27 different languages. The latest version of this ransomware variant, known as WannaCry, WCry, …
Read More »


Multiple Ransomware Infections Reported

Original release date: May 12, 2017 US-CERT has received multiple reports of ransomware infections in several countries around the world. Ransomware is a type of malicious software that infects a computer and restricts users’ access to it until a ransom is paid to unlock it. Individuals and organizations are discouraged from paying the ransom, as this does not guarantee access will be restored. Users and administrators are encouraged to review the US-CERT Alert TA16-091A to learn how to best protect …
Read More »


FTC Announces Resources for Small Businesses

Original release date: May 09, 2017 The Federal Trade Commission (FTC) has released an announcement about its new website devoted to protecting small businesses. This resource aims to help business owners avoid scams, protect their computers and networks, and keep their customers’ and employees’ data safe. Business owners and other interested parties are encouraged to explore the new FTC website and review US-CERT resources for small and midsize businesses. This product is provided subject to this Notification and this Privacy …
Read More »


Microsoft Releases May 2017 Security Updates

Original release date: May 09, 2017 Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of a system. US-CERT encourages users and administrators to review Microsoft’s May 2017 Security Update Summary and Deployment Information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.