You are here

Home » Cybersecurity

Cybersecurity

Malicious Cyber Activity Targeting ERP Applications

The NCCIC advises that Digital Shadows Ltd. and Onapsis Inc. have released a report describing an increase in the exploitation of vulnerabilities in Enterprise Resource Planning (ERP) applications. ERP applications help organizations manage critical business processes—such as product lifecycle management, customer relationship management, and supply chain management. An attacker can exploit these vulnerabilities to obtain access to sensitive information.

Private Sector Played Critical Role in WannaCry Attribution, ODNI Official Says

Private sector companies had a key role in the U.S. government’s attribution of last year’s WannaCry ransomware epidemic to North Korea, said Office of the Director of National Intelligence (ODNI) Cyber Threat Intelligence Integration Center (CTIIC) Director Tonya Ugoretz. She explained CTIIC learned of information about WannaCry that had been fed to the Department of Homeland Security by its private sector partners. This information allowed the U.S.

Identity and Access Management for Electric Utilities

The National Institute of Standards and Technology (NIST) has released a special publication that provides guidance and best practices for electric utilities to securely and efficiently manage access to the networked devices and facilities on which power generation, transmission, and distribution depend. According to NIST, such guidance is especially necessary now given the challenges posed by the convergence of OT and IT departments.

Emotet Malware - Costly and Destructive Malware Affecting Public and Private Sectors

The NCCIC has released a Threat Alert on the Emotet malware, an advanced, modular banking Trojan that primarily functions as a downloader or dropper of other banking Trojans. Emotet continues to be among the most costly and destructive malware affecting state, local, tribal, and territorial (SLTT) governments, and the private and public sectors. Emotet is disseminated through malspam (emails containing malicious attachments or links) that uses branding familiar to the recipient and imitates PayPal receipts, shipping notifications, or “past-due” invoices.

Moxa Nport 5210 5230 5232 (ICSA-18-200-04) – Product Used in the Energy Sector

The NCCIC has released an advisory on a resource exhaustion vulnerability in Moxa Nport 5210 5230 5232. Versions 2.9 build 17030709 and prior are affected. Successful exploitation of this vulnerability could allow a remote attacker to send TCP SYN packages, causing a resource exhaustion condition that would cause the device to become unavailable. Moxa recommends that users upgrade to the latest firmware version.

AVEVA InTouch (ICSA-18-200-02) – Product Used in the Water and Wastewater and Energy Sectors

The NCCIC has released an advisory on a stack-based buffer overflow vulnerability in AVEVA InTouch. Numerous versions of this product are affected. Successful exploitation of this vulnerability could allow an unauthenticated user to remotely execute code with the same privileges as those of the InTouch View process which could lead to a compromise of the InTouch HMI. Systems are only vulnerable if the operating system locales do not use a dot floating point separator. AVEVA recommends a series of mitigation measures for each version of the software affected.

Pages

Subscribe to Cybersecurity