You are here

Home » Cybersecurity

Cybersecurity

PHOENIX CONTACT Emalytics Controller ILC (ICSA-20-063-02) – Product Used in the Energy Sector

CISA has published an advisory on an incorrect permission assignment for critical resource vulnerability in PHOENIX CONTACT Emalytics Controller ILC. All versions prior to 1.2.3 are affected. Successful exploitation of this vulnerability could allow an attacker to change the device configuration and start or stop services. Phoenix Contact strongly recommends affected users update to engineering software Emalytics v1.2.3 or higher and recommission the controllers. CISA also recommends a series of measures to mitigate the vulnerability.

Emerson ValveLink (ICSA-20-063-01) – Product Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on an improper access control vulnerability in Emerson ValveLink. Versions 12.0.264 to 13.4.118 are affected. Successful exploitation of this vulnerability could allow arbitrary code execution. Emerson recommends users upgrade the affected product. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.

Moxa AWK-3131A Series Industrial AP/Bridge/Client (ICSA-20-063-04) – Product Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on improper access control, use of hard-coded cryptographic key, os command injection, use of hard-coded credentials, classic buffer overflow, out-of-bounds read, stack-based buffer overflow, improper access control, and authentication bypass using an alternate path or channel vulnerabilities in Moxa AWK-3131A. Versions 1.13 and prior are affected. Successful exploitation of these vulnerabilities could allow an attacker to gain control of the device and remotely execute arbitrary code. Moxa has created a security patch to mitigate these vulnerabilities.

Ransomware Is a “National Crisis,” says CISA Director

At RSA Conference 2020 last week, Christopher Krebs, director of the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), said, “I think we’re on the verge of a national crisis when it comes to ransomware.” Krebs also spoke of his agency’s role in helping to prevent the pending crisis, noting that CISA strives to serve as the “nation’s risk advisor” and plans to continue to offer training for operators of critical infrastructure.

National Consumer Protection Week

National Consumer Protection Week (NCPW) is March 1–7. This annual event encourages individuals and businesses to learn about their consumer rights and how to keep themselves secure. The Federal Trade Commission (FTC) and its NCPW partners provide free resources to protect consumers from fraud, scams, and identity theft. The U.S.

Hackers Scanning for Vulnerable Microsoft Exchange Servers

Attackers are actively scanning the internet for Microsoft Exchange Servers vulnerable to the CVE-2020-0688 remote code execution vulnerability patched by Microsoft two weeks ago (despite patches being made available, some organizations choose to forgo automatic updates, opting to implement them manually or not at all). The flaw is present in the Exchange Control Panel (ECP) component and is caused by Exchange's inability to create unique cryptographic keys when being installed.

Despite Widespread Ransomware Concerns, Only 38 Percent of State and Local Government Employees Trained in Prevention

According to the results of a poll recently conducted by IBM, only 38 percent of state and local government employees are trained on ransomware prevention. Additionally, budgets for managing cyber attacks have remained stagnant according to 52 percent of the state and local government IT/security professionals who were polled. These findings were in spite of 73 percent of those polled indicating they are concerned about impending ransomware threats. Additionally, 1 in 6 respondents disclosed their department had been impacted by a ransomware attack.

OpenSMTPD Releases Version 6.6.4p1 to Address a Critical Vulnerability

OpenSMTPD has released version 6.6.4p1 to address a critical vulnerability. A remote attacker could exploit this vulnerability to take control of an affected server. OpenSMTPD is an open-source server-side implementation of the Simple Mail Transfer Protocol (SMTP) that is part of the OpenBSD Project. CISA encourages users and administrators to apply the necessary update.

Building a Digital Defense with Communications

The FBI’s Portland, Oregon office has published an advisory discussing best practices for communications, such as with personal and official email, messaging apps, and social media. As the advisory notes, users should be aware of the potential dangers of cyber attacks through these various channels and of the need to opt for secure methods of communication to reduce the likelihood of intrusion. The advisory groups best practices into encryption, message retention, and access.

Honeywell WIN-PAK (ICSA-20-056-05)

CISA has published an advisory on cross-site request forgery, improper neutralization of HTTP headers for scripting syntax, and use of obsolete function vulnerabilities in Honeywell WIN-PAK. WIN-PAK 4.7.2 and prior versions are affected. Successful exploitation of these vulnerabilities allows an attacker to perform remote code execution. Honeywell recommends users with potentially affected products take steps to protect themselves, which it has provided. CISA also recommends a series of measures to mitigate the vulnerabilities.

Pages

Subscribe to Cybersecurity