March 5, 2019
The NCCIC has updated this advisory with additional technical details of the affected products and mitigating measures. Read the advisory at NCCIC/ICS-CERT.
January 31, 2019
The NCCIC has released an advisory on a stack-based buffer overflow vulnerability in Rockwell Automation RSLinx Classic. Versions 4.10.00 and prior are affected. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the target device. Rockwell Automation has released patches to address earlier versions of RSLinx Classic including v3.60, v3.70, v3.80, v3.81, v3.90, v4.00.01, v4.10. The NCCIC also advises on a series of measures for mitigating this vulnerability.
An article from the MIT Technology Review on Triton malware includes commentary from Julian Gutmanis, a cybersecurity consultant who was hired by a petrochemical plant in Saudi Arabia to assist with the response to a cyber attack on its system by the malware. Triton is unique from other types of malware targeting industrial control systems because it seeks to compromise safety instrumented systems, which keep operations running at safe levels and can shut down systems altogether to prevent life-threatening disasters.
The Internal Revenue Service (IRS) has launched its annual awareness campaign on the 12 most prevalent tax scams, known as the “Dirty Dozen.” As part of the campaign, IRS will highlight one scam each weekday. The first topic in the campaign focuses on internet phishing scams that lead to tax fraud and identity theft. IRS warns to be on alert for a continuing surge of fake emails, texts, websites, and social media attempts to steal users’ personal information.
March 5, 2019
The NCCIC has updated this advisory with additional information on mitigation measures. Read the advisory at NCCIC/ICS-CERT.
February 7, 2019
The NCCIC has published an advisory on a cross-site scripting vulnerability in PSI GridConnect Telecontrol. Numerous products and versions of these products are affected. Successful exploitation of this vulnerability could allow an attacker to execute dynamic scripts in the context of the application, which could allow cross-site scripting attacks. PSI recommends users of affected devices update their devices to a version where this vulnerability is patched. The NCCIC also advises on a series of measures for mitigating this vulnerability.
FireEye Mandiant has just released M-Trends 2019, its annual report on major trends it observed over the past year. One of the trends noted in the report is the significant increase in governments publicly attributing attacks to threat actors, which are oftentimes other nations. FireEye Mandiant is well known for reporting on malicious cyber activity by advanced persistent threat (APT) actors, many of which it indicates are associated with nations.
Patching is a fundamental process of every OT/ICS vulnerability management strategy. Determining which patches to (or not) apply is crucial to addressing known exploits. But how are you addressing vulnerabilities that do not (or will never) have a patch? Ralph Langner, arguably the world's foremost expert on Stuxnet, posits that the worst OT/ICS vulnerabilities will never be disclosed, let alone patched. Therefore, solely relying on public vulnerability disclosures will result in gaps in your protection strategy. Mr.
National Consumer Protection Week (NCPW) is March 3–9. This annual event encourages individuals and businesses to learn about their consumer rights and how to keep themselves secure. The Federal Trade Commission (FTC) and its NCPW partners provide free resources to protect consumers from fraud, scams, and identity theft.
An article from Privacy PC discusses the types of IP spoofing, the kinds of attacks it’s used for, and how to protect yourself against this activity. IP spoofing is the name given to what might otherwise be called IP forgery or IP fraud. It’s a process whereby an attacker uses a fake IP address to hide their identity and carry out things like Distributed Denial of Service (DDoS) attacks and identity thefts.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
