Litzsey Tech - Client Cybersecurity Newsletter
June 29, 2025
Dear Valued Clients,
We're committed to keeping you informed about the latest in cybersecurity. Here's a summary of recent important updates:
1. CISA Releases New Industrial Control Systems Advisories
The
Cybersecurity and Infrastructure Security Agency (CISA) recently
released two new advisories on June 26, 2025, concerning Industrial
Control Systems (ICS). These advisories provide crucial information on
current security issues, vulnerabilities, and exploits affecting ICS. We
encourage all organizations to review these advisories for technical
details and recommended mitigations.
2. CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA
has added three new vulnerabilities to its Known Exploited
Vulnerabilities (KEV) Catalog due to evidence of active exploitation.
These include:
- CVE-2024-54085: AMI MegaRAC SPx Authentication Bypass by Spoofing Vulnerability
- CVE-2024-0769: D-Link DIR-859 Router Path Traversal Vulnerability
- CVE-2019-6693: Fortinet FortiOS Use of Hard-Coded Credentials Vulnerability
3. New Guidance on Reducing Memory-Related Vulnerabilities
CISA, in partnership with the National Security Agency (NSA), released a joint guide on June 24, 2025, focusing on reducing memory-related vulnerabilities in modern software development. Memory safety vulnerabilities are serious risks to national security and critical infrastructure. Adopting memory-safe languages (MSLs) is presented as the most comprehensive way to mitigate these vulnerabilities, as they offer built-in safeguards. This guide highlights challenges and approaches for transitioning to more secure software development practices.
4. CISA Releases Eight Industrial Control Systems Advisories
On June 24, 2025, CISA released eight additional Industrial Control Systems (ICS) advisories. These advisories offer timely information on security issues, vulnerabilities, and exploits related to ICS. Organizations should review these for technical details and mitigation strategies.
5. Texas Enacts Right to Repair Law
Texas recently became the 8th U.S. state to pass a right-to-repair law for consumer electronics, with Governor Greg Abbott signing House Bill 2963 into law on June 20th. This law requires manufacturers to provide spare parts, manuals, and repair tools to consumers and independent repair shops at a fair price. This is a significant step towards reducing electronic waste and empowering consumers to fix their devices. The law, however, does not cover home appliances.
6. The "16 Billion Password Breach" Story is Debunked
An email from Chris Wiser of 7 Figure MSP™ addresses the recent "16 billion password breach" story, stating it is "BS." The email emphasizes that continued hard work in business growth, much like in weightlifting, leads to breakthroughs, even if results aren't immediately visible. Activities like cybersecurity briefings, cold outreach, public speaking, and email newsletters are highlighted as leading indicators of future success.
We hope this summary is helpful. Please reach out if you have any questions or require further assistance with your cybersecurity needs.
Sincerely,
Kenneth Litzsey
Litzsey Tech
--
