AT&T Discloses Breach of Customer Data

On July 12, AT&T released a public statement on unauthorized access of customer data from a third-party cloud platform. AT&T also provided recommendations and resources for affected customers.     CISA encourages…

Comments Off on AT&T Discloses Breach of Customer Data

CISA Releases Twenty-one Industrial Control Systems Advisories

CISA released twenty-one Industrial Control Systems (ICS) advisories on July 11, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-193-01 Siemens Remote Connect…

Comments Off on CISA Releases Twenty-one Industrial Control Systems Advisories

CISA Releases Advisory Detailing Red Team Activity During Assessment of US FCEB Organization, Highlighting Necessity of Defense-in-Depth

Today, CISA released CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth in coordination with the assessed organization. This Cybersecurity Advisory (CSA) details…

Comments Off on CISA Releases Advisory Detailing Red Team Activity During Assessment of US FCEB Organization, Highlighting Necessity of Defense-in-Depth

CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth

EXECUTIVE SUMMARY In early 2023, the Cybersecurity and Infrastructure Security Agency (CISA) conducted a SILENTSHIELD red team assessment against a Federal Civilian Executive Branch (FCEB) organization. During SILENTSHIELD assessments, the…

Comments Off on CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth

Vulnerability Summary for the Week of July 1, 2024

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source & Patch Info 2code -- wpqa_builder  The WPQA Builder WordPress plugin before 6.1.1 does not have CSRF checks in some…

Comments Off on Vulnerability Summary for the Week of July 1, 2024

Vulnerability Summary for the Week of June 24, 2024

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source & Patch Info access_management_specialist_project -- access_management_specialist  An issue in Shenzhen Weitillage Industrial Co., Ltd the access management specialist V6.62.51215 allows…

Comments Off on Vulnerability Summary for the Week of June 24, 2024