You are here

Home » Cybersecurity

Cybersecurity

Water and Wastewater Sector Third Most Affected by ICS Vulnerabilities Disclosed in First Half 0f 2020

With vulnerability management being a pillar of every successful cyber risk management strategy, the latest report by industrial cybersecurity firm Claroty provides material evidence for member utilities challenged with prioritizing cybersecurity in the OT environment. According to findings in the Claroty Biannual ICS Risk & Vulnerability Report: 1H 2020, the water and wastewater sector falls just below energy and critical manufacturing for the critical infrastructure sectors most affected by vulnerabilities published in ICS-CERT advisories.

New Information on North Korean Malicious Cyber Activity: BLINDINGCAN

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have published a new Malware Analysis Report (MAR) on BLINDINGCAN, a malware variant used by North Korean actors. In addition to providing a description of BLINDINGCAN, the MAR contains suggested response actions and recommended mitigation techniques.

Peer Use Case – Water Treatment Plant Manager Discusses Remote Access Readiness During Pandemic

In Day 4 of its Mobility Month mini series, Control Global shares the experience of John D’Aoust, water treatment plant manager, City of Haverhill, Massachusetts. D’Aoust outlines how his 10-member staff is prepared to operate with just one onsite staffer. “If you put the proper plans in place and have the right hardware to enable the necessary security, you can do this safely and securely,” adds D’Aoust, who says his team is prepared if fully remote monitoring is ever required.

Guidance Document – NIST Publishes Final Guidance on Establishing Zero Trust Architecture to Improve Cybersecurity Defenses

NIST recently announced the final publication of Special Publication (SP) 800-207, Zero Trust Architecture, which discusses the core logical components that make up a zero trust architecture (ZTA). Zero trust refers to an evolving set of security paradigms that narrows defenses from wide network perimeters to individual or small groups of resources.

Threat Awareness – Drovorub, New Linux Malware with a Russian Nexus

The National Security Agency (NSA) and the Federal Bureau of Investigation (FBI) have jointly released a comprehensive technical advisory on previously undisclosed Linux malware they are attributing to Russian advanced persistent threat (APT) actors. The malware, dubbed Drovorub, is being associated to APT28/Fancy Bear, a Russian group notoriously known for the 2016 Democratic National Committee attacks.

CISA Alert: Phishing Emails Used to Deploy KONNI Malware

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has published a new alert advising that is has observed cyber actors using emails containing a Microsoft Word document with a malicious Visual Basic Application (VBA) macro code to deploy KONNI malware. KONNI is a remote administration tool (RAT) used by malicious cyber actors to steal files, capture keystrokes, take screenshots, and execute arbitrary code on infected hosts.

Microsoft Addresses RCE and Spoofing Vulnerabilities under Active Exploitation

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) advises that Microsoft has released security updates to address two vulnerabilities – CVE-2020-1380 and CVE-2020-1464 – that are being actively exploited. CVE-2020-1380 is a remote code execution vulnerability affecting Internet Explorer 11, and CVE-2020-1464 is a spoofing vulnerability that affects multiple Windows products. An attacker could exploit these vulnerabilities to take control of an affected system.

CISA Alert: Malicious Cyber Actor Spoofing COVID-19 Loan Relief Webpage via Phishing Emails

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has published a new alert advising it is currently tracking an unknown malicious cyber actor who is spoofing the Small Business Administration (SBA) COVID-19 loan relief webpage via phishing emails. These emails include a malicious link to the spoofed SBA website that the cyber actor is using for malicious re-directs and credential stealing.

Pages

Subscribe to Cybersecurity