Schneider Electric Spectrum Power (Update A) (ICSA-19-190-04) – Products Used in the Energy Sector
August 13, 2019
The NCCIC has updated this advisory with additional information on the affected products. Read the advisory at CISA.
July 9, 2019
Cybersecurity
Delta Industrial Automation DOPSoft (ICSA-225-01)
The NCCIC has published an advisory on out-of-bounds read and use after free vulnerabilities in Delta Industrial Automation DOPSoft. DOPSoft Version 4.00.06.15 and prior are affected. Successful exploitation of these vulnerabilities may allow information disclosure, remote code execution, or crash of the application. Delta recommends users update to the latest version of DOPSoft, version 4.00.06.47, and restrict interaction with the application to trusted files. The NCCIC also recommends a series of measures to mitigate the vulnerabilities.
OSIsoft PI Web API (ICSA-19-225-02) – Products Used in the Water and Wastewater and Energy Sectors
The NCCIC has published an advisory on inclusion on sensitive information in log files and protection mechanism failure vulnerabilities in OSIsoft PI Web API. PI Web API 2018 and prior are affected. Successful exploitation of these vulnerabilities may allow direct attacks against the product and disclose sensitive information. OSIsoft recommends users upgrade to PI Web API 2018 SP1 or later to resolve these issues. The NCCIC also recommends a series of measures to mitigate the vulnerabilities.
Microsoft Releases August 2019 Security Updates
Microsoft has released its monthly update to address vulnerabilities in its software. For this month, Microsoft has released security updates for Microsoft Windows, Internet Explorer, Microsoft Edge, ChakraCore, Microsoft Office and Microsoft Office Services and Web Apps, Visual Studio, Online Services, Active Directory, and Microsoft Dynamics. Read the update at Microsoft.
Australia Releases Advisory on Password Spraying Attacks
The Australian Cyber Security Centre (ACSC) has released an advisory on password spraying attacks, noting it is aware of a high volume of such attacks targeting Australian organizations. Password spraying is a type of brute-force attack in which a malicious actor uses a single password against targeted user accounts before moving on to attempt a second password, and so on. This technique allows the actor to remain undetected by avoiding rapid or frequent account lockouts.
U.S. Accounts for More than Half of World’s Ransomware Attacks
According to Malwarebytes’ Q1 2019 Cybercrime Tactics and Techniques report, the U.S. is the country most affected by ransomware, with data from the company revealing that 53 percent of ransomware detections came from the country. Canada, which is the second most impacted country in the list, accounts for 10 percent of the ransomware detections. Further analysis of the statistics shows that ransomware attacks were most prevalent in Texas and California.
Wind River VxWorks (Update A) (ICSA-19-211-01) – Products Used in the Water and Wastewater Sector
August 8, 2019
The NCCIC has updated this advisory by noting that Dräger and Schneider Electric, which are vendors of products that are affected by vulnerability, have released security advisories related to their products. Read the advisory at CISA.
July 30, 2019
Penetration Testing – Use Caution When Selecting a Provider
While penetration tests (pentests) are a valuable tool in the cyber-quiver to find network vulnerabilities before the bad guys do, a lack of standards contribute to questionable practices that expose sensitive client data in publicly available repositories.
SWAPGS Spectre Side-Channel Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) is aware of a vulnerability (CVE-2019-1125) known as SWAPGS, which is a variant of Spectre Variant 1 – that affects modern computer processors. This vulnerability can be exploited to steal sensitive data present in a computer systems' memory. Spectre is a flaw an attacker can exploit to force a program to reveal its data.
FTC Releases Alert on the Capital One Data Breach
The Federal Trade Commission (FTC) has released an alert on the Capital One data breach that exposed the personal information of 106 million Capital One credit card customers and applicants. FTC reminds users to check and monitor their credit report to protect against identify theft and to be aware of potential phishing scams related to the breach.
Pages
