Ok, maybe it takes a cybersecurity nerd to think cyber threat detection and incident response is fun. But be assured, if you aren’t monitoring and detecting cyber threats against your organization, it’ll be anything but fun trying to respond to an attack or other cyber incident.
The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released two joint cybersecurity advisories on widespread advanced persistent threat (APT) activity. The first, on Russian APT actors, is an update to a previous CISA-FBI advisory (AA20-283A APT Actors Chaining Vulnerabilities against SLTT, Critical Infrastructure, and Elections Organizations, published on October 9, 2020) and provides information on targeting of U.S.
Alas! We get to one of my (Jennifer Lyn Walker) favorite 15CFAM topics, cybersecurity culture. Walking back through WaterISAC’s 15 Cybersecurity Fundamentals for Water and Wastewater Utilities guide, we wrap up another three relevant FUNdamentals into one. For this ‘15 Cybersecurity Fundamentals Awareness Month’ (15CFAM) series post we visit #8-Create a Cybersecurity Culture, #9-Develop and Enforce Cybersecurity Policies and Procedures, and #12-Tackle Insider Threats.
Oracle has released its Critical Patch Update for October 2020 to address 402 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA) encourages users and administrators to review the Oracle October 2020 Critical Patch Update and apply the necessary updates.
October 21, 2020
October 20, 2020
The National Security Agency (NSA) has released a cybersecurity advisory on Chinese state-sponsored malicious cyber activity. This advisory provides 25 Common Vulnerabilities and Exposures (CVEs) known to be recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors to enable successful hacking operations against a multitude of victim networks. Read the NSA advisory.
CISA has published an advisory on a classic buffer overflow vulnerability in Rockwell Automation 1794-AENT Flex I/O Series B. Versions 4.003 and prior are affected. Successful exploitation of these vulnerabilities could crash the device being accessed, resulting in a buffer overflow condition that may allow remote code execution. Rockwell Automation recommends affected users ensure they are employing proper network segmentation and security controls when implementing the affected product. CISA also recommends a series of measures to mitigate this vulnerability.
CISA has published an advisory on an improper authentication vulnerability in Hitachi ABB Power Grids XMC20 Multiservice-Multiplexer. XMC20 R4 using COGE5 versions older than co5ne_r1h07_12.esw and XMC20 R6 using COGE5 versions older than co5ne_r2d14_03.esw are affected. Successful exploitation of this vulnerability could allow an attacker to remotely take control of the product. Hitachi ABB Power Grids has corrected the problem in the different product versions and recommends users apply the firmware update at the earliest availability.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
