Continuing in the spirit of National Insider Threat Awareness Month (NITAM), the InfraGardNCR chapter has publicly posted an excellent Vantage Point blog outlining a basic framework for building, reviewing, and strengthening insider threat programs. In the post, Jim Stone highlights nine fundamental steps for any size and type of organization to follow.
The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has published a new alert about cyber threat actors affiliated with the Chinese government – specifically the Ministry of State Security – targeting U.S. government agencies. CISA developed the alert with contributions from the FBI. The alert states that the threat actors are using open-source information to plan and conduct cyber operations and employing readily available exploits and exploit toolkits to quickly engage target networks.
The Australian Cyber Security Centre (ACSC) has released its annual report on key cyber threats and statistics from 2019–2020. The report highlights that phishing and spearphishing are still the most common cyberattacks, and ransomware has become a significant threat to operations across multiple sectors. The U.S.
CISA has published an advisory on a permissive cross-domain policy with untrusted domains vulnerability in HMS Networks Ewon Flexy and Cosy. All versions prior to 14.1 are affected. Successful exploitation of this vulnerability could allow attackers to retrieve limited confidential information. HMS Networks recommends a series of mitigations for the vulnerability. CISA recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.
CISA has published an advisory on a stack-based buffer overflow vulnerability in FATEK Automation PLC WinProladder. Versions 3.28 and prior are affected. Successful exploitation of this vulnerability could crash the device being accessed; a buffer overflow condition may cause a denial-of-service event and remote code execution. FATEK has not responded to requests to work with CISA to mitigate this vulnerability. Users of these affected products who would like to see more responsible security are invited to contact Fatek customer support.
CISA has published an advisory on an SQL injection vulnerability in AVEVA Enterprise Data Management Web. Enterprise Data Management Web v2019 and prior are affected. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected device. AVEVA reports that affected users are recommended to upgrade to AVEVA Enterprise Data Management Web v2019 SP1 as soon as possible. If an upgrade to v2019 SP1 is not possible, users can contact AVEVA Global Customer Support, and a hot-fix can be made available for eDNA Web v2018 SP2.
Yesterday U.S. Department of Homeland Security (DHS) Secretary Chad Wolf delivered the 2020 State of the Homeland Address. In his address Secretary Wolf reflected on how DHS has evolved since it was founded more than 17 years ago. Speaking of this evolution, he discussed some of today’s potential threat vectors that didn’t exist at the time of the Department’s inception, which include smart phones and cryptocurrency.
Microsoft has released its monthly update to address vulnerabilities in its software. For this month, Microsoft has released security updates for Microsoft Windows, Microsoft Edge (EdgeHTML and Chromium-based), Microsoft ChakraCore, Internet Explorer, SQL Server, Microsoft JET Database Engine, Microsoft Office and Microsoft Office Services and Web Apps, Microsoft Dynamics, Visual Studio, Microsoft Exchange Server, SQL Server, ASP.NET, Microsoft OneDrive, and Azure DevOps.
CISA has published an advisory on a cleartext transmission of sensitive information vulnerability in Siemens Siveillance Video Client. All versions of this product are affected. Successful exploitation of this vulnerability could allow an attacker to obtain valid administrator login names and use this information to launch further attacks. Siemens has identified specific workarounds and mitigations users can apply to reduce the risk. CISA also recommends a series of measures to mitigate the vulnerability.
CISA has published an advisory on an execution with unnecessary privileges vulnerability in Siemens License Management Utility. All versions prior to v2.4 are affected. Successful exploitation of this vulnerability could allow local users to escalate privileges. Siemens has released an updated version and recommends users install this update on all affected systems. Additionally, it has identified specific workarounds and mitigations users can apply to reduce risk. CISA also recommends a series of measures to mitigate the vulnerability.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
