
Cybersecurity

Building a Digital Defense with Passwords

The FBI’s Portland, Oregon office has published an advisory discussing password best practices for protecting yourself and your organization. The advisory also addresses common password mistakes, such as using overly simple passwords, which are easy for an adversary to hack, and reusing passwords, which makes it possible for a hacker who has obtained the credentials for one account to access others. The advisory advocates for longer, complex passwords that are hard to remember. This can involve combining multiple words into a long string of at least 15 characters.

Why Threat Actors Are Increasingly Conducting Cyber Attacks on Local Government

Reflecting on Recorded Future’s finding that there has been a dramatic increase in the number of cyber attacks against local governments over the past several years, particularly in terms of ransomware in 2019, IBM’s Security Intelligence examines why municipal organizations are such attractive targets for threat actors.

CISA Alert: Ransomware Impacting Pipeline Operations

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has published an alert summarizing an incident to which it recently responded. The attack affected the control and communications assets on the operational technology (OT) network of a natural gas compression facility. The incident began with a spearphishing attack that provided access to the information technology (IT) network, from which the attacker pivoted to the OT network. The attacker then deployed ransomware on both networks.

Honeywell INNCOM INNControl 3 (ICSA-20-049-01) – Product Used in the Energy Sector

CISA has published an advisory on an improper privilege management vulnerability in Honeywell INNCOM INNControl 3. Versions 3.21 and prior are affected. Successful exploitation of this vulnerability could allow an attacker to escalate user privileges within the INNControl application. Honeywell encourages users to contact an INNCOM sales representative or authorized systems integrator to obtain information on upgrading their system(s) to the latest version.

Emerson OpenEnterprise (ICSA-20-049-02) – Product Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on a heap-based buffer overflow vulnerability in Emerson OpenEnterprise SCADA Server. OpenEnterprise Server 2.83 is affected if Modbus or ROC Interfaces have been installed and are in use; all versions of OpenEnterprise 3.1 through 3.3.3 are also affected. Successful exploitation of this vulnerability could allow an attacker to execute code on an OpenEnterprise SCADA Server. Emerson recommends all users upgrade to OpenEnterprise 3.3, Service Pack 4 (3.3.4), to resolve this issue. CISA also recommends a series of measures to mitigate the vulnerability.

New and Updated Information on North Korean Malicious Cyber Activity

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the Department of Defense have provided new and updated information on malicious cyber activity by the North Korean government. In six new Malware Analysis Reports (MARs), these agencies discuss and provide technical information for Trojan malware variants used by the North Korean government. The new Trojan malware variants include BISTROMATH, SLICKSHOES, HOTCROISSANT, ARTFULPIE, BUFFETLINE, and CROWDEDFLOUNDER.

Schneider Electric Magelis HMI Panels (ICSA-20-044-02)

CISA has published an advisory on an improper check for unusual or exceptional conditions vulnerability in Schneider Electric Magelis HMI Panels. All firmware versions of multiple products are affected. Successful exploitation of this vulnerability could allow a denial-of-service condition. Schneider Electric recommends users set up network segmentation and implement a firewall to block all unauthorized access to Ports 44818/TCP, 502/TCP, 6000/TCP, 6002/TCP, 8080/TCP, 8014/TCP, and 6001/TCP. CISA also recommends a series of measures to mitigate the vulnerability.

Schneider Electric Modicon Ethernet Serial RTU (ICSA-20-044-01)

CISA has published an advisory on improper check for unusual or exceptional conditions and improper access control vulnerabilities in Schneider Electric Modicon BMXNOR0200H. All firmware versions are affected. Successful exploitation of these vulnerabilities could limit system availability. Schneider Electric recommends users set up network segmentation and implement a firewall to block all unauthorized access to Port 2404/TCP and SNMP Port 161/UDP. CISA also recommends a series of measures to mitigate the vulnerabilities.

FBI’s Internet Crime Complaint Center Releases 2019 Report

The last calendar year saw both the highest number of complaints and the highest dollar losses reported to the FBI’s Internet Crime Complaint Center (IC3), according to an annual report just published by the group. In the 2019 Internet Crime Report, the IC3 notes it received 467,361 complaints in 2019 and recorded more than $3.5 billion in losses to individual and business victims. The report describes some of the new tactics and techniques criminals deployed to carry out existing scams.
