
Cybersecurity

Fr. Sauter AG Case Suite (ICSA-18-305-04)

The NCCIC has released an advisory on an improper restriction of XML external entity reference vulnerability in Fr. Sauter AG CASE Suite. Versions 3.10 and prior are affected. Successful exploitation of this vulnerability could allow an attacker to remotely retrieve unauthorized files from the system. Fr. Sauter AG recommends users apply Service Release 1 for the current CASE Suite Version 3.10. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability.

Circontrol CirCarLife (ICSA-18-305-03)

The NCCIC has released an advisory on authentication bypass using an alternate path or channel and insufficiently protected credentials vulnerabilities in Circontrol CirCarLife. All versions prior to 4.3.1 are affected. Successful exploitation of these vulnerabilities could allow a remote attacker to retrieve credentials stored in clear text to bypass authentication, and see and access critical information. Circontrol has released a new version of the software. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities.

Schneider Electric Software Update (ICSA-18-305-02) – Product Used in the Energy Sector

The NCCIC has released an advisory on a DLL hijacking vulnerability in Schneider Electric Software Update (SESU). All versions prior to 2.2.0 are affected. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the target system. Schneider Electric has created a fix for this vulnerability (Version 2.2.0). The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability.

AVEVA InduSoft Web Studio and InTouch Edge HMI (ICSA-18-305-01) – Products Used in the Water and Wastewater and Energy Sectors

The NCCIC has released an advisory on stack-based buffer overflow and empty password in configuration file vulnerabilities in AVEVA InduSoft Web Studio and InTouch Edge HMI (formerly InTouch Machine Edition). InduSoft Web Studio versions prior to 8.1 SP2 and InTouch Edge HMI versions prior to 2017 SP2 are affected. Successful exploitation of these vulnerabilities could allow an unauthenticated user to remotely execute code. AVEVA recommends that users upgrade to InduSoft Web Studio v8.1 SP2 and InTouch Edge HMI (formerly InTouch Machine Edition) 2017 SP2 as soon as possible.

SamSam Ransomware Attacks Continue, Focusing Mostly on U.S. Organizations

While many types of ransomware are spread indiscriminately, SamSam is used in a targeted fashion, with the threat actors spending time performing reconnaissance by mapping out the network before encrypting as many computers as possible. A successful SamSam attack will likely be highly disruptive. In the worst-case scenario, if no backups are available or if backups are encrypted by SamSam, valuable data could be lost permanently. Even if an organization does have backups, restoring affected computers and cleaning up the network will cost time and money and may lead to reputational damage.

Bitdefender Offers Free Decryption Tool for GandCrab, the Most Popular Multi-Million Dollar Ransomware of the Year

The GandCrab ransomware family emerged in late February 2018 and was quickly adopted by cybercriminals because it offered something no other ransomware family had offered before: custom ransom amounts. While the average user would be reluctant to spend as much as $500 to get their data back, organizations and companies would be far more interested in paying larger amounts of money. Currently, the most prolific versions of GandCrab are versions 4 and 5, which are estimated to have infected around 500,000 victims worldwide since July 2018.

PEPPERL+FUCHS CT50-Ex (ICSA-18-303-01)

The NCCIC has released an advisory on an improper privilege management vulnerability in PEPPERL+FUCHS CT50-Ex. CT50-Ex devices running Android OS v4.4 and v6.0 are affected (the original manufacturer was Honeywell). Successful exploitation of this vulnerability could allow a malicious third-party application to gain elevated privileges and obtain access to sensitive information. An update is available that resolves this vulnerability. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability.
