Cybersecurity

Cryptojacking Isn’t Going Away

Cryptojacking refers to the practice of attackers harnessing the processing power of computers they don’t own to mine for cryptocurrency, such as Bitcoin or Monero. Cryptojacking’s popularity soared when cryptocurrencies hit their all-time highs in late 2017 and early 2018, and attackers adapted the malware used for these activities to go after mobile devices, cloud infrastructure, Internet of Things devices, and even operational technology (OT).

Rockwell Automation FactoryTalk Services Platform (ICSA-18-331-02) – Product Used in the Water and Wastewater Sector

The NCCIC has published an advisory on an improper input validation vulnerability in Rockwell Automation FactoryTalk Services Platform. Versions 2.90 and earlier are affected. Successful exploitation of this vulnerability could allow a remote attacker to diminish communications or cause a complete denial of service to the device. Rockwell Automation recommends that affected users update to the latest version of the application. The NCCIC also advises on a series of mitigating measures for these vulnerabilities.

Horner Automation Cscape (ICSA-18-354-01)

The NCCIC has published an advisory on an improper input validation vulnerability in Horner Automation Cscape. Versions 9.80.75.3 SP3 and prior are affected. Successful exploitation of this vulnerability could crash the device being accessed, allow the attacker to read confidential information, and may allow an attacker to remotely execute arbitrary code. Horner Automation recommends affected users update to the latest version of Cscape (Version 9.80 SP4). The NCCIC also advises on a series of mitigating measures for these vulnerabilities.

U.S. Government Announces Discovery of Chinese Malicious Cyber Activity against Managed Service and Cloud Service Providers

Earlier today, officials from the U.S. Department of Justice, including Deputy Attorney General Rod Rosenstein and FBI Director Christopher Wray, announced criminal indictments against computer hackers associated with the Chinese government. This case is significant because the hackers are accused of compromising Managed Service Providers (MSPs), which include Cloud Service Providers.

ABB M2M ETHERNET (ICSA-18-352-07)

The NCCIC has published an advisory on an improper authentication vulnerability in ABB M2M ETHERNET. For FW, versions 2.22 and prior are affected. For ETH-FW, versions prior to 1.01 and prior are affected. Successful exploitation of this vulnerability could allow an attacker to upload a malicious language file. ABB recommends installing the device in accordance with the latest instructions from the updated technical manual. NCCIC/ICS-CERT.

ABB CMS-770 (ICSA-18-352-06)

The NCCIC has published an advisory on an improper authentication vulnerability in ABB CMS-770. All versions prior to 1.7.1 are affected. Successful exploitation of this vulnerability may allow an attacker to read sensitive configuration files that may lead to code execution on the device. ABB recommends installing the device in accordance with the latest instructions from the updated technical manual. The NCCIC also advises on a series of mitigating measures for these vulnerabilities.
