In mid-December, human rights organization, Amnesty International reported having been the victim of two phishing campaigns, likely by the same attackers. Amnesty reported the attackers bypassed two-factor authentication (2FA) methods to steal credentials to obtain and maintain access to hundreds of victim's Google and Yahoo accounts.
The NCCIC has published an advisory on a use after free vulnerability in Schneider Electric Zelio Soft 2. Versions 5.1 and prior are affected. Successful exploitation of this vulnerability could allow for remote code execution when opening a specially crafted project file. Schneider Electric has released Version 5.2 of the affected software and a security notification. The NCCIC also advises on a series of mitigating measures for this vulnerability. NCCIC/ICS-CERT.
Microsoft has released its monthly update to address vulnerabilities in its software. For this month, Microsoft has released security updates for Adobe Flash Player, Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Office and Microsoft Office Services and Web Apps, ChakraCore, .NET Framework, ASP.NET, Microsoft Exchange Server, and Microsoft Visual Studio. Microsoft.
The National Counterintelligence and Security Center, an entity within the Office of the Director of National Intelligence, has launched a campaign of disseminating videos, brochures, and other informative materials to help organizations guard against growing threats from foreign intelligence entities and other adversaries. One of the categories of materials for this program is “Know the Risk, Raise Your Shield,” which is intended to raise awareness among organizations and equip them with best practices for protecting their data, assets, technologies, and networks.
The NCCIC has published an advisory on an improper input validation vulnerability in Schneider Electric Pro-face GP-Pro Ex. Versions 4.08 and prior are affected. Successful exploitation of this vulnerability could allow an attacker to modify code to launch an arbitrary executable upon launch of the program. Schneider Electric has produced Version 4.08.200 of the software to address this vulnerability. The NCCIC also advises on a series of mitigating measures for this vulnerability.
The NCCIC has published an advisory on a resource management error vulnerability in Yokogawa Vnet/IP Open Communication Driver. Numerous products and versions of these products are affected. Successful exploitation of this vulnerability could allow an attacker to cause Vnet/IP network communications to controlled devices to become unavailable. Yokogawa recommends users of affected devices and versions update to the latest available release. The NCCIC also advises on a series of mitigating measures for this vulnerability.
The NCCIC has published an advisory on an authentication bypass by capture-replay vulnerability. All versions prior to r161 are affected. Successful exploitation of this vulnerability could allow unauthorized users to view commands, replay commands, control the device, or stop the device from running. Hetronic recommends that all Nova-M users update their radio transmitters and receivers. The NCCIC also advises on a series of mitigating measures for this vulnerability. NCCIC/ICS-CERT.
The FBI has released a FLASH message regarding information it has obtained on activities performed by a group of malicious cyber actors associated with the Chinese government referred to as “APT10.” On December 20, officials from the U.S. Department of Justice and the U.S.
Cryptojacking refers to the practice of attackers harnessing the processing power of computers they don’t own to mine for cryptocurrency, such as Bitcoin or Monero. Cryptojacking’s popularity soared when cryptocurrencies hit their all-time highs in late 2017 and early 2018, and attackers adapted the malware used for these activities to go after mobile devices, cloud infrastrucuture, Internet of Things devices, and even operational technology (OT).
An increasing amount of the work the U.S. Department of Security dedicates to improving the cybersecurity of U.S. critical infrastructure is being performed in offices at Idaho National Labarotory (INL) in Idaho Falls, Idaho.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
