Latest Alerts

Bulletins

Vulnerability Summary for the Week of July 22, 2024

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source & Patch Info 202ecommerce--paypal  In the module "PayPal Official" for PrestaShop 7+ releases prior to version 6.4.2 and for PrestaShop…

Comments Off on Vulnerability Summary for the Week of July 22, 2024
July 30, 2024
Current Activity

ISC Releases Security Advisories for BIND 9

The Internet Systems Consortium (ISC) released security advisories to address vulnerabilities affecting multiple versions of ISC’s Berkeley Internet Name Domain (BIND) 9. A cyber threat actor could exploit one of…

Comments Off on ISC Releases Security Advisories for BIND 9
July 25, 2024
Bulletins

Vulnerability Summary for the Week of July 15, 2024

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source Info Patch Info 1Panel-dev--1Panel  1Panel is a web-based linux server management control panel. 1Panel contains an unspecified sql injection via…

Comments Off on Vulnerability Summary for the Week of July 15, 2024
July 23, 2024
Current Activity

Widespread IT Outage Due to CrowdStrike Update

Note: CISA will update this Alert with more information as it becomes available. As of 1130am EDT July 19, 2024:  CISA is aware of the widespread outage affecting Microsoft Windows…

Comments Off on Widespread IT Outage Due to CrowdStrike Update
July 20, 2024
Current Activity

Ivanti Releases Security Updates for Endpoint Manager

Ivanti released security updates to address vulnerabilities in Ivanti Endpoint Manager (EPM) and Ivanti Endpoint Manager for Mobile (EPMM). A cyber threat actor could exploit some of these vulnerabilities to…

Comments Off on Ivanti Releases Security Updates for Endpoint Manager
July 19, 2024
Bulletins

Vulnerability Summary for the Week of July 8, 2024

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source & Patch Info Adobe--Bridge  Bridge versions 14.0.4, 13.0.7, 14.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability…

Comments Off on Vulnerability Summary for the Week of July 8, 2024
July 15, 2024
Current Activity

AT&T Discloses Breach of Customer Data

On July 12, AT&T released a public statement on unauthorized access of customer data from a third-party cloud platform. AT&T also provided recommendations and resources for affected customers.     CISA encourages…

Comments Off on AT&T Discloses Breach of Customer Data
July 13, 2024
Current Activity

CISA Releases Twenty-one Industrial Control Systems Advisories

CISA released twenty-one Industrial Control Systems (ICS) advisories on July 11, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-193-01 Siemens Remote Connect…

Comments Off on CISA Releases Twenty-one Industrial Control Systems Advisories
July 12, 2024
Current Activity

CISA Releases Advisory Detailing Red Team Activity During Assessment of US FCEB Organization, Highlighting Necessity of Defense-in-Depth

Today, CISA released CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth in coordination with the assessed organization. This Cybersecurity Advisory (CSA) details…

Comments Off on CISA Releases Advisory Detailing Red Team Activity During Assessment of US FCEB Organization, Highlighting Necessity of Defense-in-Depth
July 12, 2024