Cybersecurity

NetComm Wireless 4G LTE Light Industrial M2M Router (ICSA-18-221-02)

The NCCIC has released an advisory on information exposure, cross-site request forgery, cross-site scripting, and information exposure through directory listing vulnerabilities in NetComm Wireless 4G LTE Light Industrial M2M Router. Versions 2.0.29.11 and prior of this product are affected. Successful exploitation of these vulnerabilities could allow for the exposure of sensitive information. NetComm Wireless has released a new firmware version to mitigate the vulnerabilities.

Read more about NetComm Wireless 4G LTE Light Industrial M2M Router (ICSA-18-221-02)

Crestron TSW-X60 and MC3 (ICSA-18-221-01)

The NCCIC has released an advisory on OS command injections, improper access control, and insufficiently protected credentials vulnerabilities in Creston TSW-X60 and MC3. For TSW-X60, all versions prior to 2.001.0037.001 are affected. For MC3, all versions prior to 1.502.0047.001 are affected. Successful exploitation of these vulnerabilities may allow remote code execution with escalated system privileges. Crestron recommends users upgrade their devices to the newest firmware.

Read more about Crestron TSW-X60 and MC3 (ICSA-18-221-01)

Understanding TRITON/TRISIS – Not as Sophisticated as Originally Thought

At Black Hat USA last week, industrial cybersecurity firm, Nozomi Networks revealed findings and a live demonstration of the malware attack known as TRITON/TRISIS/HatMan. For those new to this community, Nozomi includes a brief summary of the malware in their whitepaper.

Read more about Understanding TRITON/TRISIS – Not as Sophisticated as Originally Thought

North Korean Malicious Cyber Activity – KEYMARBLE Malware

The U.S. Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have identified a Trojan malware variant—referred to as KEYMARBLE—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.

Read more about North Korean Malicious Cyber Activity – KEYMARBLE Malware

NCCIC Malware Analysis Report: HIDDEN COBRA's KEYMARBLE Trojan

The NCCIC has provided a Malware Analysis Report (MAR) of KEYMARBLE, a Trojan malware variant used by HIDDEN COBRA. The U.S. government refers to all malicious cyber activity by the North Korean government as HIDDEN COBRA. This MAR includes malware descriptions related to HIDDEN COBRA, suggested response actions and recommended mitigation techniques.

Read more about NCCIC Malware Analysis Report: HIDDEN COBRA's KEYMARBLE Trojan

Social Engineering – It’s About People and Processes

Social engineering is commonplace, convincing, and requires continuous consideration. Dr. Larry Ponemon, founder and chairman of Ponemon Institute, discusses the ever-present social engineering threats. He covers three key elements of every organization’s cybersecurity program – people, processes, and technology – and how they fit into combatting these threats.

Read more about Social Engineering – It’s About People and Processes

DHS Launches New Insider Threat Mitigation Website for the Critical Infrastructure Community

In direct response to inquiries from stakeholders, DHS/NPPD launched a new website today focused on providing the critical infrastructure community with information on the principles of insider threat mitigation. The website is dedicated to assisting organizations in establishing internal capabilities to mitigate insider threats focused on a variety of topics, including ideology, workplace violence, and cybersecurity.

Read more about DHS Launches New Insider Threat Mitigation Website for the Critical Infrastructure Community

Delta Electronics CNCSoft and ScreenEditor (ICSA-18-219-01)

The NCCIC has released an advisory regarding multiple stack-based buffer overflows, and out-of-bounds read vulnerabilities affecting Delta Electronics CNCSoft and ScreenEditor products. CNCSoft Version 1.00.83 and prior, and the accompanying, ScreenEditor Version 1.00.54 are affected. Exploitation of both vulnerabilities cause the software to crash due to the failure to validate user input. Currently there are no known public exploits; however, this vulnerability is remotely exploitable, and could be successfully exploited by an attacker with a low skill level.

Read more about Delta Electronics CNCSoft and ScreenEditor (ICSA-18-219-01)

Mozilla Releases Security Update for Thunderbird

Mozilla has released a security update to address vulnerabilities in Thunderbird. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The NCCIC encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 60 and apply the necessary update. NCCIC/US-CERT

Read more about Mozilla Releases Security Update for Thunderbird

Linux Kernel Vulnerability

The NCCIC is aware of a Linux kernel vulnerability affecting Linux versions 4.9 and greater. A remote attacker could exploit this vulnerability to cause a denial-of-service condition against a system with an available open port. The NCCIC encourages users and administrators to review the Vulnerability Note VU #962459 and apply the necessary updates. NCCIC/US-CERT

Read more about Linux Kernel Vulnerability

You are here

Cybersecurity

NetComm Wireless 4G LTE Light Industrial M2M Router (ICSA-18-221-02)

Crestron TSW-X60 and MC3 (ICSA-18-221-01)

Understanding TRITON/TRISIS – Not as Sophisticated as Originally Thought

North Korean Malicious Cyber Activity – KEYMARBLE Malware

NCCIC Malware Analysis Report: HIDDEN COBRA's KEYMARBLE Trojan

Social Engineering – It’s About People and Processes

DHS Launches New Insider Threat Mitigation Website for the Critical Infrastructure Community

Delta Electronics CNCSoft and ScreenEditor (ICSA-18-219-01)

Mozilla Releases Security Update for Thunderbird

Linux Kernel Vulnerability

Pages

You are here

Cybersecurity

Pages

Footer Email Signup