November 5, 2020
CISA has updated this advisory with additional information on affected products and mitigation measures. Read the advisory at CISA.
August 4, 2020
November 5, 2020
CISA has updated this advisory with additional information on affected products and mitigation measures. Read the advisory at CISA.
June 16, 2020
CISA has updated this advisory with additional information on mitigation measures. Read the advisory at CISA.
June 10, 2020
CISA has published an advisory on improper restriction of operations within the bounds of a memory buffer, session fixation, NULL pointer dereference, improper access control, argument injection, and resource management errors vulnerabilities in Mitsubishi Electric GT14 Model of GOT1000 Series products.
CISA has published an advisory on stack-based buffer overflow and heap-based buffer overflow vulnerabilities in WECON PLC Editor. Versions 1.3.8 and prior are affected. Successful exploitation of these vulnerabilities could allow an attacker to execute code under the privileges of the application. WECON is aware of these vulnerabilities and is currently developing a solution. CISA also recommends a seried of measures to mitigate these vulnerabilities.
It is not uncommon for OT/ICS cybersecurity to fall under the authority of IT. This isn’t necessarily a bad thing, unless IT is taking responsibility/action and lacks OT-specific knowledge. While many concepts can be drawn from IT security to help secure OT, many of the processes do not translate well. The opposite also presents a challenge, as many OT operators and engineers may not have cybersecurity experience. This is why it is imperative for both OT and IT cybersecurity teams to work together; however, that isn’t always as easy as it sounds.
Last week we talked about responding to cyber threats during the 15CFAM series. We said that, developing plans for how utilities will respond to cyber incidents is critical for resilience from such events.
It is no surprise threat actors are notorious for using current events in social engineered phishing campaigns. Malwarebytes discovered a current malspam campaign exploiting doubts about the election process that is delivering Qbot/Qakbot – malware often found in conjunction with Emotet. According to Malwarebytes, this current campaign is stealing email threads to be used in future campaigns. The phish contains a bogus DocuSign document attachment purporting to include information on election interference.
Oracle has released an out-of-band security alert to address a remote code execution vulnerability—CVE-2020-14750 - in Oracle WebLogic Server. A remote attacker can exploit this vulnerability to take control of an affected system. CISA urges users and administrators review the Oracle Security Alert and apply the necessary updates.
CISA has published an advisory on deserialization of untrusted data, access to critical private variable via public method, and information exposure of sensitive information to an unauthorized actor vulnerabilities in ARC Informatique PcVue. PcVue Versions 8.10 to versions prior to 12.0.17 are affected. Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, expose sensitive data, and prevent legitimate users from connecting to PcVue services. ARC Informatique recommends upgrading PcVue to v12.0.17. CISA also recommen
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
