Cybersecurity

CISA Alert on Dridex – Malware Impacting Financial Institutions and their Customers

CISA has published an alert on Dridex, providing an overview of the malware, related activity, and a list of previously unreported indicators of compromise. Because actors using Dridex malware and its derivatives continue to target the financial services sector, including financial institutions and customers, CISA submits that the techniques, tactics, and procedures contained in this report warrant renewed attention. Read the alert at CISA.

Weidmueller Industrial Ethernet Switches (ICSA-19-339-02)

CISA has published an advisory on improper restriction of excessive authentication attempts, uncontrolled resource consumption, missing encryption of sensitive data, unprotected storage of credentials, and predictable from observable state vulnerabilities in Weidmueller Industrial Ethernet Switches. Numerous products and versions of these products are affected. Successful exploitation of these vulnerabilities could allow a remote attacker to gain unauthorized access to the device, affecting the confidentiality, integrity, and availability of the device the attacker is targeting.

Thales DIS SafeNet Sentinel LDK License Manager Runtime (ICSA-19-339-01)

CISA has published an advisory on a link following vulnerability in Thales DIS SafeNet Sentinel LDK License Manager Runtime. All versions prior to 7.101 are affected. Successful exploitation of this vulnerability could allow a local attacker to escalate privileges. Thales recommends upgrading to Version 7.101 or later. CISA also recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.

ZeroCleare - New Destructive Wiper Malware Targets Energy Sector in Middle East

IBM X-Force Incident Response and Intelligence Services (IRIS) has been tracking a new destructive malware campaign dubbed ZeroCleare. X-Force IRIS has been following the evolution of destructive, disk-wiping malware since the first Shamoon attacks during the summer of 2012, and recently discovered ZeroCleare being used to execute a destructive attack on organizations in the energy and industrial sectors in the Middle East.

Where Could We Be - Potential Societal Implications of Industrial Cyber Attacks in the Decade Ahead

If you are reading this, you understand the devastation that can occur when critical infrastructure fails. Whether the compromise is due to a mechanical failure or a cyber attack, societal ramifications can be dire. In a recent post, Sergio Caltagirone, Vice President of Threat Intelligence at industrial cybersecurity firm Dragos, presents several interconnected reasons we may expect important humanitarian consequences from cyber operations over the next decade.

Moxa AWK-3121 (ICSA-19-337-02) – Product Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on cleartext transmission of sensitive information, improper access control, sensitive cookie without ‘HTTPONLY’ flag, improper restriction of operations within the bounds of a memory buffer, CSRF, command injection, and cross-site scripting vulnerabilities in Reliable Controls LicenseManager. Versions 1.14 and prior are affected. Successful exploitation of these vulnerabilities could allow an attacker to view sensitive information, cause availability issues, and execute remote code.

Reliable Controls LicenseManager (ICSA-19-337-01)

CISA has published an advisory on an unquoted search path or element vulnerability in Reliable Controls LicenseManager. Versions 3.4 and prior are affected. Successful exploitation of this vulnerability could allow an attacker to crash the system, view sensitive data, or execute arbitrary commands. Reliable Controls has released RC-LicenseManager Version 3.5, which is bundled for use within the latest RC-Studio software. Reliable Controls recommends users upgrade to RC Studio 3.6.3. CISA also recommends a series of measures to mitigate the vulnerabilities.

FBI Advises to Beware of Holiday Scams

The FBI has issued an advisory warning of various scams that coincide with the holiday season. The FBI notes that the perpetrators of these scams can be aggressive and creative, whether they involve online shopping, social media, gift cards, or charities, but in each case certain red flags are raised. In the case of gift card scams, a type of fraudulent activity that has been observed targeting water and wastewater utilities in the past, the FBI advises consumers to be careful if someone asks them to purchase gift cards for them.

Do You Remember When? – The Most Notable Cybersecurity Events of the Past Decade

ZDNet has posted an enlightening summary of some of the most influential cyber events of the past decade. Not all of the events are the biggest, but each incident represents a new trend, watershed moment, or paradigm shift in the field of cybersecurity. Several incidents are relevant to industrial cybersecurity, such as Stuxnet (2010), Flame (2012), Ukraine (2015), and even WannaCry and NotPetya (2017).
