CISA Releases Ten Industrial Control Systems Advisories

CISA released ten Industrial Control Systems (ICS) advisories on August 13, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-226-01 AVEVA SuiteLink Server…

Comments Off on CISA Releases Ten Industrial Control Systems Advisories

Microsoft Releases August 2024 Security Updates

Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users…

Comments Off on Microsoft Releases August 2024 Security Updates

Best Practices for Cisco Device Configuration

In recent incidents, CISA has seen malicious cyber actors acquire system configuration files by leveraging available protocols or software on devices, such as abusing the legacy Cisco Smart Install feature.…

Comments Off on Best Practices for Cisco Device Configuration

ISC Releases Security Advisories for BIND 9

The Internet Systems Consortium (ISC) released security advisories to address vulnerabilities affecting multiple versions of ISC’s Berkeley Internet Name Domain (BIND) 9. A cyber threat actor could exploit one of…

Comments Off on ISC Releases Security Advisories for BIND 9

Widespread IT Outage Due to CrowdStrike Update

Note: CISA will update this Alert with more information as it becomes available. As of 1130am EDT July 19, 2024:  CISA is aware of the widespread outage affecting Microsoft Windows…

Comments Off on Widespread IT Outage Due to CrowdStrike Update

Ivanti Releases Security Updates for Endpoint Manager

Ivanti released security updates to address vulnerabilities in Ivanti Endpoint Manager (EPM) and Ivanti Endpoint Manager for Mobile (EPMM). A cyber threat actor could exploit some of these vulnerabilities to…

Comments Off on Ivanti Releases Security Updates for Endpoint Manager

AT&T Discloses Breach of Customer Data

On July 12, AT&T released a public statement on unauthorized access of customer data from a third-party cloud platform. AT&T also provided recommendations and resources for affected customers.     CISA encourages…

Comments Off on AT&T Discloses Breach of Customer Data

CISA Releases Twenty-one Industrial Control Systems Advisories

CISA released twenty-one Industrial Control Systems (ICS) advisories on July 11, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-193-01 Siemens Remote Connect…

Comments Off on CISA Releases Twenty-one Industrial Control Systems Advisories