December 19, 2019
CISA has updated this advisory with additional details on the nature of the vulnerability. Read the advisory at CISA.
November 18, 2019
December 19, 2019
CISA has updated this advisory with additional details on the affected equipment, the risk evaluation, the affected products, and mitigation measures. Read the advisory at CISA.
October 22, 2019
New research reveals just how quickly sensitive data stolen and sold online by cyber criminals can be put to nefarious use, good information to know given the recent escalation in tactics by some ransomware gangs. Specifically, a researcher conducted an experiment in which he lumped real credit card data in with dummy credit card data and dumped the whole thing onto multiple sites. It took just two hours for criminals to respond, initially “nibbling on” the data with bots and scripts.
The FBI’s Portland, Oregon office has published an advisory on building a digital defense during holiday travel, when many people will be connected to networks other than those at their homes or offices and/or have visitors join theirs. For these situations, the FBI recommends not allowing phones, computers, or other devices to auto-connect to free WiFi networks and to set up separate WiFi accounts for guests to segregate any of their vulnerabilities from your sensitive data.
Microsoft has released out-of-band security updates to address a vulnerability in SharePoint Server. An attacker could exploit this vulnerability to obtain sensitive information. CISA encourages users and administrators to review Microsoft Security Advisory for CVE-2019-1491 and apply the necessary updates.
Another city has come forward with information regarding the ongoing vulnerabilities with online utility payment provider Click2Gov. Unfortunately, this one comes with an added wrinkle. The city of Marietta, GA and the FBI have reason to believe data found on the dark web is linked with recent utility customer online transactions.
CISA has published an advisory on improper authentication, cleartext transmission of sensitive information, unrestricted upload of file with dangerous type, heap-based buffer overflow, integer overflow or wraparound, out-of-bounds read, improper access control, stack-based buffer overflow, SFP secondary cluster: missing authentication, deserialization of untrusted data, information exposure, and cleartext transmission of sensitive information vulnerabilities in Siemens SPPA-T3000. All versions of the Application Server and the MS3000 Migration Server are affected.
CISA has published an advisory on a cross-site scripting vulnerability in GES2020/S2020G Fast Switch 61850. Versions 07A03 and prior are affected. Successful exploitation of this vulnerability may allow an attacker to inject arbitrary code and allow disclosure of sensitive data. GE produced and released Version 07A04, which fixes the vulnerability. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.
One of the most high-profile ransomware attacks in 2019 was against Norsk Hydro, which is among the world’s leading aluminum production companies.
In the last few days, the cyber criminals behind the Maze ransomware created a public website where they identify their victims who have chosen to rebuild their operations rather than yield to the ransom demands. The move is part of the criminals’ signaling that they will publish the data stolen from their victims if they don’t pay. “For years, ransomware developers and affiliates have been telling victims that they must pay the ransom or stolen data would be publicly released,” said cybersecurity researcher and BleepingComputer founder Lawrence Adams.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
