You are here

Home » Cybersecurity

Cybersecurity

Ransomware Is a “National Crisis,” says CISA Director

At RSA Conference 2020 last week, Christopher Krebs, director of the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), said, “I think we’re on the verge of a national crisis when it comes to ransomware.” Krebs also spoke of his agency’s role in helping to prevent the pending crisis, noting that CISA strives to serve as the “nation’s risk advisor” and plans to continue to offer training for operators of critical infrastructure.

National Consumer Protection Week

National Consumer Protection Week (NCPW) is March 1–7. This annual event encourages individuals and businesses to learn about their consumer rights and how to keep themselves secure. The Federal Trade Commission (FTC) and its NCPW partners provide free resources to protect consumers from fraud, scams, and identity theft. The U.S.

Hackers Scanning for Vulnerable Microsoft Exchange Servers

Attackers are actively scanning the internet for Microsoft Exchange Servers vulnerable to the CVE-2020-0688 remote code execution vulnerability patched by Microsoft two weeks ago (despite patches being made available, some organizations choose to forgo automatic updates, opting to implement them manually or not at all). The flaw is present in the Exchange Control Panel (ECP) component and is caused by Exchange's inability to create unique cryptographic keys when being installed.

Despite Widespread Ransomware Concerns, Only 38 Percent of State and Local Government Employees Trained in Prevention

According to the results of a poll recently conducted by IBM, only 38 percent of state and local government employees are trained on ransomware prevention. Additionally, budgets for managing cyber attacks have remained stagnant according to 52 percent of the state and local government IT/security professionals who were polled. These findings were in spite of 73 percent of those polled indicating they are concerned about impending ransomware threats. Additionally, 1 in 6 respondents disclosed their department had been impacted by a ransomware attack.

OpenSMTPD Releases Version 6.6.4p1 to Address a Critical Vulnerability

OpenSMTPD has released version 6.6.4p1 to address a critical vulnerability. A remote attacker could exploit this vulnerability to take control of an affected server. OpenSMTPD is an open-source server-side implementation of the Simple Mail Transfer Protocol (SMTP) that is part of the OpenBSD Project. CISA encourages users and administrators to apply the necessary update.

Building a Digital Defense with Communications

The FBI’s Portland, Oregon office has published an advisory discussing best practices for communications, such as with personal and official email, messaging apps, and social media. As the advisory notes, users should be aware of the potential dangers of cyber attacks through these various channels and of the need to opt for secure methods of communication to reduce the likelihood of intrusion. The advisory groups best practices into encryption, message retention, and access.

Honeywell WIN-PAK (ICSA-20-056-05)

CISA has published an advisory on cross-site request forgery, improper neutralization of HTTP headers for scripting syntax, and use of obsolete function vulnerabilities in Honeywell WIN-PAK. WIN-PAK 4.7.2 and prior versions are affected. Successful exploitation of these vulnerabilities allows an attacker to perform remote code execution. Honeywell recommends users with potentially affected products take steps to protect themselves, which it has provided. CISA also recommends a series of measures to mitigate the vulnerabilities.

Moxa EDS-G516E and EDS-510E Series Ethernet Switches (ICSA-20-056-04) – Products Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on stack-based buffer overflow, use of a broken or risky cryptographic algorithm, use of hard-coded cryptographic key, use of hard-coded credentials, classic buffer overflow, cleartext transmission of sensitive information, and weak password requirements in Moxa EDS-G516E and EDS-510E Series Ethernet Switches. For both series, versions 5.2 and lower are affected. Successful exploitation of these vulnerabilities could crash the device, execute arbitrary code, and allow access to sensitive information.

Moxa PT-7528 Series and PT-7828 Series Ethernet Switches (ICSA-20-056-03) – Products Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on stack-based buffer overflow, use of a broken or risky cryptographic algorithm, use of hard-coded cryptographic key, use of hard-coded credentials, weak password requirements, and information exposure vulnerabilities in Moxa PT-7528 Series and PT-7828 Series Ethernet Switches. For Moxa PT-7528 Series, versions 4.0 and lower are affected. For Moxa PT-7828 Series, versions 3.9 and lower are affected. Successful exploitation of these vulnerabilities could crash the device or allow access to sensitive information.

Moxa ioLogik 2542-HSPA Series Controllers and IOs, and IOxpress Configuration Utility (ICSA-20-056-02) – Products Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on cleartext storage of sensitive information, cleartext transmission of sensitive information, and incorrectly specified destination in a communication channel vulnerabilities in Moxa ioLogik 2542-HSPA Series Controllers and IOs and IOxpress Configuration Utility. For Moxa ioLogik 2542-HSPA Series Controllers, versions 3.0 and lower are affected. IOxpress Configuration Utility, versions 2.3.0 and lower are affected. Successful exploitation of these vulnerabilities could crash the device or allow access to sensitive information.

Pages

Subscribe to Cybersecurity