Cybersecurity

MS-ISAC Releases Advisory on PHP Vulnerability

The Multi-State Information Sharing and Analysis Center (MS-ISAC) – a WaterISAC partner – has published an advisory on a vulnerability in PHP, a programming language originally designed for use in web-based applications with HTML content. According to MS-ISAC, this vulnerability could allow an attacker to execute arbitrary code. Depending on the privileges associated with the application, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights. Failed exploitation could result in a denial-of-service condition.

Yokogawa Products (ICSA-19-274-02) – Products Used in the Energy Sector

CISA has published an advisory on an unquoted search path or element vulnerability in several Yokogawa products. Numerous products and versions of these products are affected. Successful exploitation of this vulnerability could allow a local attacker to execute malicious files. Yokogawa has provided countermeasures for the vulnerability in each of the affected products. CISA has also provided a series of measures for mitigating this vulnerability. Read the advisory at CISA.

Moxa EDR 810 Series (ICSA-19-274-03) – Products Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on improper input validation and improper access control vulnerabilities in Moxa EDR 810. Versions 5.1 and prior are affected. Successful exploitation of these vulnerabilities could allow remote code execution or access to sensitive information. Moxa recommends users update to the latest firmware, v5.2, or later. CISA has also provided a series of measures for mitigating these vulnerabilities. Read the advisory at CISA.

Centralized Incident Response System Set Up in Advance Credited for Texas’ Recovery After Ransomware Attack

Although the ransomware attacks in Texas represented the largest coordinated attack on government entities, the cooperation of federal, state, and local resources characterized an effective and efficient incident response, one that would never have been possible if the system had not been set up in advance. An article posted in HSToday, What Incident Responders Can Learn from the Lilu Ransomware Attacks on Texas Government Entities, covers valuable lessons learned from the attacks on 16 August 2019.

Disruptionware – A Cyber-Physical Threat to Operational Technology Environments

A new collaborative report between cybersecurity firm Forescout and cybersecurity think tank Institute for Critical Infrastructure Technology (ICIT) explores what they are coining “disruptionware” – a category of cyber attack methods using unsophisticated, IT-based commodity malware that can be devastating to critical infrastructure firms. The most widespread form of disruptionware is ransomware.

Threat Update – Government and Utility Payment Portal Click2Gov Targeted Again

Researchers with dark web intelligence firm Gemini Advisory discovered a new campaign targeting Click2Gov. Click2Gov is a web-based, interactive self-service bill-pay software solution developed by Superion. It includes various modules that allow users to pay bills associated with local government services, including utilities.

Threat Update – LookBack RAT Still Targeting U.S. Utilities

As WaterISAC shared in its August 6 Security and Resilience Update, the LookBack remote access trojan has a penchant for targeting U.S. utilities. Likewise, WaterISAC is aware of at least one member utility that received an email consistent with activity described in the LookBack campaign. The email purported to be from a state water sector association, Florida Rural Water Association (FRWA).

Security Awareness – Emotet Uses Snowden’s New Book as a Current Lure

As WaterISAC shared in its September 17 Security and Resilience Update, Emotet has resumed spear phishing activity. Specifically, last week Emotet was observed using tactics similar to those from late spring 2019, hijacking old email threads designed as invoices. This week it adds a different tactic to its arsenal of lures – NSA whistleblower Edward Snowden’s new book, Permanent Record.
