US-Cert

A regularly updated summary of the most frequent, high-impact security incidents currently being reported to the US-CERT.
  1. Original release date: August 16, 2017

    Drupal has released an advisory to address several vulnerabilities in Drupal 8.x. A remote attacker could exploit one of these vulnerabilities to obtain or modify sensitive information.

    US-CERT encourages users and administrators to review Drupal's Security Advisory and upgrade to version 8.3.7.


    This product is provided subject to this Notification and this Privacy & Use policy.


  2. Original release date: August 16, 2017

    Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.

    US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:

    • Cisco Application Policy Infrastructure Controller SSH Privilege Escalation Vulnerability cisco-sa-20170816-apic1
    • Cisco Application Policy Infrastructure Controller Custom Binary Privilege Escalation Vulnerability cisco-sa-20170816-apic2
    • Cisco Virtual Network Function Element Manager Arbitrary Command Execution Vulnerability cisco-sa-20170816-em

    This product is provided subject to this Notification and this Privacy & Use policy.


  3. Original release date: August 11, 2017

    Symantec has released an update to address vulnerabilities in the Symantec Messaging Gateway. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system.

    US-CERT encourages users and administrators to review the Symantec Security Advisory and apply the necessary update.


    This product is provided subject to this Notification and this Privacy & Use policy.


  4. Original release date: August 09, 2017 | Last revised: August 10, 2017

    Juniper Networks has released a security advisory that addresses a vulnerability in Junos OS. A remote attacker could exploit this vulnerability to cause a denial-of-service condition.

    US-CERT encourages users and administrators to review the Juniper Security Advisory and apply necessary updates.


    This product is provided subject to this Notification and this Privacy & Use policy.


  5. Original release date: August 08, 2017

    The Federal Trade Commission (FTC) has released an alert on government grant scams. In these schemes, scammers pose as government officials to get consumers to send them money. Anytime someone asks you to pay money to get money, stop and think twice.

    US-CERT encourages consumers to refer to the FTC Alert and the US-CERT Tip on Real-World Warnings Keep You Safe Online for more information.


    This product is provided subject to this Notification and this Privacy & Use policy.


София plus.google.com/102831918332158008841 EMSIEN-3