Attacks

On July 12, AT&T released a public statement on unauthorized access of customer data from a third-party cloud platform. AT&T also provided recommendations and resources for affected customers.     CISA encourages customers to review the following AT&T article for additional information and follow necessary guidance to help protect personal information.    AT&T: Unlawful access of customer data

Read More

Today, CISA released CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth in coordination with the assessed organization. This Cybersecurity Advisory (CSA) details key findings and lessons learned from a 2023 assessment, along with the red team’s tactics, techniques, and procedures (TTPs) and associated network defense activity. The CSA also provides recommendations to assist executives, leaders, and network defenders in all organizations with refining their cybersecurity, detection, response,…

Read More

CISA released twenty-one Industrial Control Systems (ICS) advisories on July 11, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-193-01 Siemens Remote Connect Server ICSA-24-193-02 Siemens RUGGEDCOM APE 1808 ICSA-24-193-03 Siemens Teamcenter Visualization and JT2Go ICSA-24-193-04 Siemens Simcenter Femap ICSA-24-193-05 Siemens SCALANCE, RUGGEDCOM, SIPLUS, and SINEC ICSA-24-193-06 Siemens RUGGEDCOM ICSA-24-193-07 Siemens SIMATIC and SIMIT ICSA-24-193-08 Siemens Mendix Encryption Module ICSA-24-193-09 Siemens SINEMA Remote Connect Server ICSA-24-193-10 Siemens JT…

Read More

Today, CISA and FBI are releasing their newest Secure by Design Alert in the series, Eliminating OS Command Injection Vulnerabilities, in response to recent well-publicized threat actor campaigns that exploited OS command injection defects in network edge devices (CVE-2024-20399, CVE-2024-3400, CVE-2024-21887) to target and compromise users. These vulnerabilities allowed unauthenticated malicious actors to remotely execute code on network edge devices. OS command injection vulnerabilities have long been preventable by clearly separating user input from the contents of a…

Read More

Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.   CISA encourages users and administrators to review the following and apply necessary updates:     Microsoft Security Update Guide for July

Read More

CISA has collaborated with the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) to release an advisory, People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action outlining a PRC state-sponsored cyber group’s activity. The following organizations also collaborated with ASD’s ACSC on the guidance: The National Security Agency (NSA); The Federal Bureau of Investigation (FBI); The United Kingdom’s National Cyber Security Centre (NCSC-UK); The Canadian Centre for Cyber Security (CCCS);…

Read More

Juniper Networks released a security bulletin to address a vulnerability in Junos OS: SRX Series. A cyber threat actor could exploit this vulnerability to cause a denial-of-service condition.  Users and administrators are encouraged to review the following and apply the necessary updates: JSA83195 Juniper Security Bulletin

Read More

Progress Software released a security bulletin to address a vulnerability in MOVEit Transfer. A cyber threat actor could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to review the following bulletin and apply the necessary updates: MOVEit Transfer Critical Security Alert Bulletin – June 2024 – (CVE-2024-5806)

Read More

Today, CISA, in partnership with the Federal Bureau of Investigation, Australian Signals Directorate’s Australian Cyber Security Centre, and Canadian Cyber Security Center, released Exploring Memory Safety in Critical Open Source Projects. This guidance was crafted to provide organizations with findings on the scale of memory safety risk in selected open source software (OSS). This joint guidance builds on the guide The Case for Memory Safe Roadmaps by providing a starting point for software manufacturers to…

Read More

Today, CISA released Barriers to Single Sign-On (SSO) Adoption for Small and Medium-Sized Businesses: Identifying Challenges and Opportunities, a detailed report exploring challenges to SSO adoption by small and medium-sized businesses (SMBs). The report also identifies potential ways to overcome these challenges and improve an SMB’s level of security.  CISA also released a related blog post, Why SMBs Don’t Deploy Single Sign-On (SSO), urging software manufacturers to consider how their business practices may inadvertently reduce…

Read More