You are here

Home » Cybersecurity

Cybersecurity

FERC and NERC Publish Cyber Planning for Response and Recovery Study (CYPRES) Report

The Federal Energy Regulatory Commission (FERC) and the North American Electricity Reliability Corporation (NERC) published a report this week on cyber planning for response and recovery that outlines best practices for the electric utility industry. The report includes observations on defensive capabilities and effectiveness of Incident Response and Recovery (IRR) plans. The report identifies common elements among the IRR plans and best practices of effective IRR plans.

FBI FLASH: Intrusion Activities of China-based Cyber Actors Associated with APT 41

The FBI has published a (TLP:WHITE) FLASH message providing technical details of cyber actors based in China, associated with APT 41, who have been indicted for computer intrusions affecting more than 100 victim companies in the U.S. and abroad. Some of the targeted victims were in the “government” industry. The FLASH describes how the actors used a wide range of tactics to gain initial access, including spear-phishing and by exploiting publicly identified security vulnerabilities, including those involving VPNs.

Advtantech WebAccess Node (ICSA-20-261-01)

CISA has published an advisory on an incorrect permission assignment for critical resource vulnerability in Advtantech WebAccess Node. All versions prior to 9.0.1 are affected. Successful exploitation of this vulnerability could allow an attacker to escalate their privileges. Advantech has released update 9.0.1 to mitigate this vulnerability. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.

Vulnerability Management – Considerations in OT/ICS Vulnerability Assessments

Identifying and remediating vulnerabilities are paramount to a successful cybersecurity strategy. While vulnerability disclosures, CVEs, and CVSS scores are a good place to start when addressing security gaps, neither offers a complete picture or effective assessment for OT/ICS environments. After ten years of vulnerability assessments, industrial cybersecurity firm Verve has observed several common gaps and offers their top five considerations every OT/ICS environment can benefit from understanding.

National Insider Threat Awareness Month – More Resources to Tackle Insider Threats

Continuing in the spirit of National Insider Threat Awareness Month (NITAM), the InfraGardNCR chapter has publicly posted an excellent Vantage Point blog outlining a basic framework for building, reviewing, and strengthening insider threat programs. In the post, Jim Stone highlights nine fundamental steps for any size and type of organization to follow.

CISA Alert: Chinese Government-affiliated Malicious Cyber Activity

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has published a new alert about cyber threat actors affiliated with the Chinese government – specifically the Ministry of State Security – targeting U.S. government agencies. CISA developed the alert with contributions from the FBI. The alert states that the threat actors are using open-source information to plan and conduct cyber operations and employing readily available exploits and exploit toolkits to quickly engage target networks.

Pages

Subscribe to Cybersecurity