Cybersecurity

CISA Reminder: Safeguard Websites from Cyber Attacks

The U.S. Department of Homeland Security’s (DHS’s) Cybersecurity and Infrastructure Security Agency (CISA) has published a Reminder on protecting personal and organizational public-facing websites from defacement, data breaches, and other cyberattacks by following cybersecurity best practices. CISA encourages users and administrators to review CISA’s updated Tip on Website Security and take the necessary steps to protect against website attacks.

Honeywell Maxpro VMS & NVR (ICSA-20-021-01) – Products Used in the Energy Sector

CISA has released an advisory on deserialization of untrusted data and SQL injection vulnerabilities in Honeywell MAXPRO VMS & NVR. Multiple products and versions of these products are affected. Successful exploitation of these vulnerabilities could result in elevation of privileges, a denial-of-service condition, or unauthenticated remote code execution. Honeywell recommends that users apply VMS 560 Build 595 T2-Patch to affected VMS systems and NVR 5.6 Build 595 T2-Patch to affected NVR systems. CISA also recommends a series of measures to mitigate the vulnerabilities.

Building a Digital Defense against Tech Support Scams

The FBI’s Portland, Oregon office has published two back-to-back advisories on building a digital defense against digital device repair scams. As noted in the first of the advisories, the FBI’s Internet Crime Complaint Center (IC3) is receiving an increasing number of reports involving this type of scam. Here’s one version of how the scam works: you find someone online to fix your problem and pay the requested amount for the repair services. Shortly after, you receive a call from a scammer saying you are getting a partial refund of your money for one reason or another.

Proof-of-Concept Exploit Code Now Publicly Available for Critical Microsoft CryptoAPI Spoofing Vulnerability (CVE-2020-0601)

On Tuesday, January 14, 2020, Microsoft released a patch fixing a spoofing vulnerability (CVE-2020-0601) in the Windows CryptoAPI (Crypt32.dll) and the way it validates Elliptic Curve Cryptography (ECC) certificates. The vulnerability affects Windows 10, Windows Server 2016, and Windows Server 2019. More information on the vulnerability disclosure can be found in the Security & Resilience Update for January 14, 2020.
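The weakness lay in how CryptoAPI treated ECC certificates that carry explicit curve parameters instead of a named curve, which is why post-patch guidance centers on finding such certificates in an environment. As an added example (not code from this page, from Microsoft, or from the Security & Resilience Update), the Python below walks DER-encoded certificate material with no PKI library and flags any id-ecPublicKey AlgorithmIdentifier whose parameters are an explicit SEQUENCE rather than a namedCurve OID. The two SubjectPublicKeyInfo blobs are constructed inline for the demonstration; their key bytes and the truncated ECParameters are placeholders, not real keys or certificates.

```python
# Added example: flag X.509 material whose id-ecPublicKey AlgorithmIdentifier
# carries explicit ECParameters (a SEQUENCE) instead of a namedCurve OID.
# Minimal DER walking only; no cryptographic validation is performed here.

ID_EC_PUBLIC_KEY = "1.2.840.10045.2.1"
NAMED_CURVES = {
    "1.2.840.10045.3.1.7": "P-256",
    "1.3.132.0.34": "P-384",
    "1.3.132.0.35": "P-521",
}


def _read_tlv(buf: bytes, pos: int):
    """Decode one DER tag-length-value at buf[pos]; return (tag, content, next_pos)."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long-form length
        nbytes = length & 0x7F
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    return tag, buf[pos:pos + length], pos + length


def _decode_oid(content: bytes) -> str:
    arcs = [content[0] // 40, content[0] % 40]
    value = 0
    for b in content[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))


def ec_parameter_findings(der: bytes) -> list:
    """One finding per id-ecPublicKey AlgorithmIdentifier found anywhere in der."""
    findings = []

    def walk(buf: bytes) -> None:
        pos = 0
        while pos < len(buf):
            tag, content, pos = _read_tlv(buf, pos)
            if tag == 0x30 and len(content) >= 2:       # SEQUENCE: candidate AlgorithmIdentifier
                t0, c0, p0 = _read_tlv(content, 0)
                if t0 == 0x06 and _decode_oid(c0) == ID_EC_PUBLIC_KEY and p0 < len(content):
                    t1, c1, _ = _read_tlv(content, p0)
                    if t1 == 0x06:                       # namedCurve OID: the normal case
                        oid = _decode_oid(c1)
                        findings.append({"explicit": False, "curve": NAMED_CURVES.get(oid, oid)})
                    else:                                # SEQUENCE (explicit ECParameters)
                        findings.append({"explicit": True, "curve": None})
                    continue
            if tag & 0x20:                               # constructed type: descend into it
                walk(content)

    walk(der)
    return findings


def has_explicit_ec_parameters(der: bytes) -> bool:
    return any(f["explicit"] for f in ec_parameter_findings(der))


# Constructed sample inputs (placeholders, not real keys or certificates).
def _der_tlv(tag: int, content: bytes) -> bytes:
    n = len(content)
    if n < 0x80:
        length = bytes([n])
    else:
        lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(lb)]) + lb
    return bytes([tag]) + length + content


def _encode_oid(dotted: str) -> bytes:
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(reversed(chunk))
    return bytes(out)


_FAKE_POINT = _der_tlv(0x03, b"\x00\x04" + b"\x11" * 64)   # BIT STRING with placeholder key bytes

# SubjectPublicKeyInfo with namedCurve P-256, the form almost every real EC certificate uses.
NAMED_CURVE_SPKI = _der_tlv(0x30,
    _der_tlv(0x30, _der_tlv(0x06, _encode_oid(ID_EC_PUBLIC_KEY))
                 + _der_tlv(0x06, _encode_oid("1.2.840.10045.3.1.7")))
    + _FAKE_POINT)

# Same structure with explicit ECParameters (a SEQUENCE, truncated to its version
# INTEGER because only the parameter tag matters to this check).
EXPLICIT_PARAMS_SPKI = _der_tlv(0x30,
    _der_tlv(0x30, _der_tlv(0x06, _encode_oid(ID_EC_PUBLIC_KEY))
                 + _der_tlv(0x30, _der_tlv(0x02, b"\x01")))
    + _FAKE_POINT)


if __name__ == "__main__":
    for name, blob in (("named-curve", NAMED_CURVE_SPKI), ("explicit", EXPLICIT_PARAMS_SPKI)):
        verdict = "REVIEW" if has_explicit_ec_parameters(blob) else "ok"
        print(name, ec_parameter_findings(blob), verdict)
```

Feed it the DER bytes of a .cer file (or a base64-decoded PEM body) to inventory certificates in a store. Explicit parameters are legal under RFC 5480 but rare in practice, so a hit marks a certificate to inspect, not proof of an attack; the check does no chain validation, and the actual remediation remains the January 2020 patch.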

OSIsoft PI Vision (ICSA-20-014-06)

CISA has released an advisory on improper access control, cross-site request forgery (CSRF), cross-site scripting, and inclusion of sensitive information in log files vulnerabilities in OSIsoft LLC PI Vision. Multiple products and versions of these products are affected. Successful exploitation of these vulnerabilities may allow disclosure of sensitive information and limit the availability of the system. OSIsoft recommends users upgrade to PI Vision 2019 and also offers defensive measures to resolve these issues. CISA also recommends a series of measures to mitigate the vulnerabilities.

Siemens SINAMICS PERFECT HARMONY GH180 (ICSA-20-014-04)

CISA has released an advisory on a protection mechanism failure in Siemens SINAMICS PERFECT HARMONY GH180. Multiple products and versions of these products are affected. Successful exploitation of this vulnerability could allow an unauthorized attacker with physical access to the affected device to restart the HMI with disabled security controls, which could be used to launch further attacks against the affected device.

Siemens SCALANCE X Switches (ICSA-20-014-03)

CISA has released an advisory on a missing authentication for critical function vulnerability in Siemens SCALANCE X Switches. Multiple products and versions of these products are affected. Successful exploitation of this vulnerability could allow an unauthenticated attacker to violate access-control rules. Siemens has identified workarounds and mitigations affected users can apply to reduce the risk. CISA also recommends a series of measures to mitigate the vulnerability.

Siemens SINEMA Server (ICSA-20-014-02)

CISA has released an advisory on an incorrect privilege assignment vulnerability in Siemens SINEMA Server. All versions prior to Version 14.0 SP2 Update 1 are affected. Successful exploitation of this vulnerability could allow an attacker with a valid low-privilege session to perform firmware updates and other administrative operations on connected devices. Siemens recommends users of the affected product update to the new version and has identified workarounds and mitigations users can apply to reduce the risk. CISA also recommends a series of measures to mitigate the vulnerability.
