In the face of the diminished air-gap, former NSA Director and U.S. Cyber Commander, Michael S. Rogers, and Claroty’s Chief Security Officer Dave Weinstein suggest America’s critical infrastructure is not vulnerable because it is digital or automated, but because the attackers know the terrain better than the defenders.
With escalating tensions against the US from Iran, their perceived allies and proxies we have been informed of the increased cyber threat particularly against our industrial control systems. As the very same systems that provide for our livelihoods are being targeted by faceless enemies egregiously putting human lives at risk, it is past time for rules of engagement for cyber war to be agreed upon before lives are lost.
The NCCIC has published an advisory on a use of hard-coded credentials vulnerability in SICK MSC800. All versions prior to 4.0 are affected. Successful exploitation of this vulnerability could allow a low-skilled remote attacker to reconfigure settings and/or disrupt the functionality of the device. SICK recommends affected users upgrade to the latest firmware version (v4.0). The NCCIC also advises of a series of measures for mitigating the vulnerabilities. Read the advisory at CISA.
The NCCIC has published an advisory on use of hard-coded credentials vulnerability in ABB CP635 HMI. Numerous products and versions of these products are affected. Successful exploitation of this vulnerability could allow an attacker to prevent legitimate access to an affected system node, remotely cause an affected system node to stop, take control of an affected system node, or insert and run arbitrary code in an affected system node. ABB recommends users apply the BSP update on affected CP600 control panels at their earliest convenience.
The NCCIC has published an advisory on use of hard-coded credentials vulnerability in ABB CP651 HMI. Numerous products and versions of these products are affected. Successful exploitation of this vulnerability could allow an attacker to prevent legitimate access to an affected system node, remotely cause an affected system node to stop, take control of an affected system node, or insert and run arbitrary code in an affected system node. ABB recommends users apply the BSP update on affected CP600 control panels at their earliest convenience.
The NCCIC has published an advisory on use of hard-coded credentials, improper authentication, relative path traversal, improper input validation, and stack-based buffer overflow vulnerabilities in ABB PB610 Panel Builder 600. PB610 Panel Builder 600, order code: 1SAP500900R0101, versions 1.91 to 2.8.0.367 and prior are affected.
The NCCIC has published an advisory on Path Traversal, Stack-based Buffer Overflow, Heap-based Buffer Overflow, Out-of-bounds Read, Out-of-bounds Write, and Untrusted Pointer Dereference vulnerabilities in Advantech WebAccess/SCADA. Versions 8.3.5 and prior are affected. Successful exploitation of these vulnerabilities may allow information disclosure, deletion of files, and remote code execution. Advantech has released Version 8.4.1 of WebAccess/SCADA to address the reported vulnerabilities. The NCCIC also advises of a series of measures for mitigating the vulnerabilities.
The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has announced the relaunch of the newly integrated us-cert.gov website. The new site consolidates us-cert.gov, which focused primarily on IT issues (e.g., tips and best practices for secure computing), and ics-cert.us-cert.gov, which addressed ICS topics (e.g., OT device vulnerabilities).
The National Institute of Standards and Technology (NIST) has released the Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks report. The report observes that many organizations are not necessarily aware of the large number of IoT devices they are already using and how IoT devices may affect cybersecurity and privacy risks differently than conventional information technology (IT) devices do.
As discussed in an email WaterISAC sent to members on June 24, Chris Krebs, the director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), issued an advisory indicating his agency is aware of “a recent rise in malicious cyber activity directed at United States industries and government agencies by Iranian regime actors and proxies.” Krebs highlighted “destructive ‘wiper’ attacks” as a type of activity these threat actors are usin
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
