Cybersecurity

Eaton Intelligent Power Manager (ICSA-20-133-01) – Product Used in Energy Sector

CISA has published an advisory on improper input validation and incorrect privilege assignment vulnerabilities in Eaton Intelligent Power Manager. Versions 1.67 and prior are affected. Successful exploitation of these vulnerabilities could allow an attacker to perform command injection or code execution and allow non-administrator users to manipulate the system configurations. Eaton has released Intelligent Power Manager v1.68 to address the reported vulnerabilities. CISA also recommends a series of measures to mitigate the vulnerabilities.

Microsoft Releases May 2020 Security Updates

Microsoft has released its monthly update to address vulnerabilities in its software. For this month, Microsoft has released security updates for Microsoft Windows, Microsoft Edge (EdgeHTML and Chromium-based), ChakraCore, Internet Explorer, Microsoft Office and Microsoft Office Services and Web Apps, Windows Defender, Visual Studio, Microsoft Dynamics, .NET Framework, .NET Core, and Power BI. Read the advisory at Microsoft.

Top Ten Routinely Exploited Vulnerabilities

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has published an alert on the top ten routinely exploited vulnerabilities observed by CISA, the FBI, and the broader U.S. government. The alert groups the vulnerabilities into the top ten exploited from 2016 to 2019 and in 2020. Unsurprisingly, much of the activity observed in 2020 has exploited vulnerabilities in virtual private networks and cloud collaboration services, which are increasingly in use given unprecedented levels of remote work during the COVID-19 pandemic.

FBI IC3 Reflects on Trends over 20 Year History

In a posting notifying partners that it is marking its twentieth anniversary, the FBI’s Internet Crime Complaint Center (IC3) reflects on how cyber crime has evolved over the course of its history. In its first full year of operation, the IC3 logged nearly 50 complaints. Most of them revolved around internet auction fraud, non-delivery scams, and the infamous messages from alleged princes or princesses with untapped fortunes they wanted to share with recipients. Average losses for victims were low, compared to today’s numbers (in 2001, the average victim lost $435).

Sodinokibi Ransomware Can Now Encrypt Open and Locked Files

When a file is open or locked, most ransomware applications can’t encrypt it without first shutting down the process involved. Applications like database or mail servers lock open files so that other programs can’t modify them. The lock prevents data from being corrupted by two processes writing to a file at the same time. But now the Sodinokibi (aka REvil) ransomware has a new feature for terminating processes that have locked a file, meaning it can encrypt such a file.

New Information on North Korean Malicious Cyber Activity

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the Department of Defense have provided new information on malicious cyber activity by the North Korean government. In three new Malware Analysis Reports (MARs), these agencies discuss and provide technical information for three malware variants used by the North Korean government: COPPERHEDGE, TAINTEDSCRIBE, and PEBBLEDASH. In addition to providing malware descriptions, the MARs contain suggested response actions and recommended mitigation techniques.
