Cybersecurity

Australian Advisory on Emotet Malware Campaign

The Australian Cyber Security Centre (ACSC) has released an advisory on an ongoing, widespread Emotet malware campaign. In its advisory, ACSC notes the malicious emails used in this campaign are designed to spread across a variety of sectors in the Australian economy, including critical infrastructure providers and government agencies. The advisory provides indicators of compromise (IOCs) and recommendations to help organizations defend against Emotet.

Honeywell IP-AK2 (ICSA-19-297-02) – Product Used in the Energy Sector

CISA has published an advisory on a missing authentication for critical function vulnerability in Honeywell IP-AK2. Versions 1.04.07 and prior are affected. Successful exploitation of this vulnerability could allow an attacker to download configuration files directly through a URL without authentication, exposing configuration and authorized visitor information. Honeywell released new firmware Version 1.04.15 and recommends affected users contact Honeywell customer support to resolve the issue. CISA also recommends a list of actions to mitigate this vulnerability.

Rittal Chiller SK 3232-Series (ICSA-19-297-01) – Product Used in the Energy Sector

CISA has published an advisory on missing authentication for critical function and use of hard-coded credentials vulnerabilities in Rittal Chiller SK 3232-Series. The Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4 is affected. Successful exploitation of these vulnerabilities could disrupt the primary operations of the affected component, shut down cooling to other equipment, and allow changes to the temperature set point. CISA recommends users of the product contact Rittal directly for information about mitigating these vulnerabilities.

Building a Digital Defense against E-Skimming

The FBI’s Portland, Oregon office has published an advisory providing background on e-skimming and tips for defending against it. E-skimming occurs when cyber criminals inject malicious code onto a website. The threat actor may have gained access via a phishing attack targeting employees – or through a vulnerable third-party vendor attached to a company’s server. Organizations that need to be especially wary of this kind of activity include those that take credit card payments online, as threat actors can capture credit card data in real time as the user enters it.

Password Security: How to Really “Own IT” for National Cybersecurity Awareness Month

WaterISAC Cybersecurity Risk Analyst Jennifer Walker has written an article for Homeland Security Today in which she reinforces how the theme for this year’s National Cybersecurity Awareness Month – “Own IT. Secure IT. Protect IT” – focuses on personal accountability and proactive behavior. She delves into the importance of creating and managing secure passwords, noting the poor record, generally speaking, when it comes to password hygiene.

Schneider Electric ProClima (ICSA-19-295-01) - Product Used in the Energy Sector

CISA has published an advisory on code injection, improper restriction of operations within the bounds of a memory buffer, and uncontrolled search path element vulnerabilities in Schneider Electric ProClima. Successful exploitation of these vulnerabilities could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. All versions prior to 8.0.0 are affected. Schneider Electric has released Version 8.0.0 of ProClima and recommends users upgrade to this version or newer. Additionally, CISA recommends a list of actions to mitigate this vulnerability.

Horner Automation Cscape (ICSA-19-290-02)

CISA has published an advisory on improper input validation and out-of-bounds write vulnerabilities in Horner Automation Cscape. Cscape 9.90 and prior are affected. Successful exploitation of these vulnerabilities could crash the device being accessed, which may allow the attacker to access information and execute arbitrary code. Horner Automation recommends affected users update to Cscape Version 9.90 SP1 or later. Additionally, CISA recommends a list of actions to mitigate these vulnerabilities.

Germany’s Cybersecurity Agency Recommends Firefox as the Most Secure Browser

Firefox is the only browser that received top marks in a recent audit carried out by Germany's cyber-security agency – the German Federal Office for Information Security (or the Bundesamt für Sicherheit in der Informationstechnik – BSI). The BSI tested Mozilla Firefox 68 (ESR), Google Chrome 76, Microsoft Internet Explorer 11, and Microsoft Edge 44. The tests did not include other browsers like Safari, Brave, Opera, or Vivaldi. The audit was carried out using rules detailed in a guideline for "modern secure browsers" that the BSI published last month, in September 2019.
