May the 4th Be with… Your Passwords (on World Password Day)
- by Jennifer Lyn Walker
Despite all the hype, many organizations implementing multifactor authentication (MFA) and complex passwords can still fall victim to cyber attacks. Multiple threat actor types are increasingly bypassing MFA controls, typically through MFA push notification fatigue or exploiting weaknesses in self-enrollment configurations, to gain access to a victim’s network.
Organizations large and small are adopting endpoint detection and response (EDR) solutions to gain visibility into their networks. However, according to security researchers, EDR coverage at many organizations is only in the range of 60-70 percent of endpoints, leaving 30-40 percent of devices outside that visibility and greatly increasing an organization’s cyber risk.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
The Federal Communications Commission (FCC) maintains a Covered List of communications equipment and services that have been determined by the U.S. government to pose an unacceptable risk to the national security of the United States or the security and safety of United States persons, pursuant to the Secure and Trusted Communications Networks Act of 2019.
SecurityWeek has written an article discussing a spike in attacks exploiting CVE-2018-9995, a 5-year-old critical authentication bypass vulnerability in TBK Vision devices, and CVE-2016-20016, a 7-year-old vulnerability in MVPower devices.
Threat actors are increasingly capable of compromising enterprise networks by utilizing legitimate tools and social engineering techniques, instead of relying on malware, making it harder for network defenders to detect malicious activity.
The Cybersecurity and Infrastructure Security Agency (CISA) posted an alert warning network defenders that exploiting the Service Location Protocol (SLP, RFC 2608) allows an unauthenticated remote attacker to register arbitrary services. This could allow an attacker to use spoofed UDP traffic to conduct a denial-of-service (DoS) attack with a significant amplification factor.
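As an added illustration (not code from the CISA alert or this newsletter) of how a defender can find SLP services that are reachable from the Internet and measure how much amplification they provide, the script below assumes constructed flow-export lines and a hypothetical 192.0.2.0/24 as the organization's address range.

```python
"""Find internal hosts answering SLP (UDP/427) to Internet sources and
estimate the amplification factor they provide. Flow records are
constructed samples, not data from the CISA alert."""
import ipaddress
from collections import defaultdict

SLP_PORT = 427

# Constructed flow export lines: timestamp src:port -> dst:port proto bytes
SAMPLE_FLOWS = """\
2023-04-26T10:00:01Z 203.0.113.5:40001 -> 192.0.2.10:427 udp 60
2023-04-26T10:00:01Z 192.0.2.10:427 -> 203.0.113.5:40001 udp 1400
2023-04-26T10:00:02Z 203.0.113.5:40002 -> 192.0.2.10:427 udp 60
2023-04-26T10:00:02Z 192.0.2.10:427 -> 203.0.113.5:40002 udp 1400
2023-04-26T10:00:03Z 198.51.100.7:5353 -> 192.0.2.20:427 udp 80
2023-04-26T10:00:03Z 192.0.2.20:427 -> 198.51.100.7:5353 udp 96
2023-04-26T10:00:04Z 192.0.2.30:52000 -> 192.0.2.40:427 udp 60
2023-04-26T10:00:04Z 192.0.2.40:427 -> 192.0.2.30:52000 udp 600
""".splitlines()

def parse_flow(line):
    """Return (src_ip, src_port, dst_ip, dst_port, proto, nbytes)."""
    _ts, src, _arrow, dst, proto, nbytes = line.split()
    sip, sport = src.rsplit(":", 1)
    dip, dport = dst.rsplit(":", 1)
    return sip, int(sport), dip, int(dport), proto, int(nbytes)

def slp_exposure(lines, internal_net, min_ratio=2.0):
    """Per internal host: bytes received on UDP/427 from outside the
    internal network, bytes sent back out, and the resulting ratio.
    Hosts at or above min_ratio are usable reflectors; in a real attack
    the external address is a spoofed victim, not the attacker."""
    net = ipaddress.ip_network(internal_net)
    req, resp = defaultdict(int), defaultdict(int)
    for line in lines:
        sip, sport, dip, dport, proto, nbytes = parse_flow(line)
        if proto != "udp":
            continue
        src_in = ipaddress.ip_address(sip) in net
        dst_in = ipaddress.ip_address(dip) in net
        if dport == SLP_PORT and dst_in and not src_in:
            req[dip] += nbytes          # request arriving from the Internet
        elif sport == SLP_PORT and src_in and not dst_in:
            resp[sip] += nbytes         # reply leaving toward the Internet
    findings = {}
    for host in set(req) | set(resp):
        ratio = resp[host] / req[host] if req[host] else float("inf")
        if ratio >= min_ratio:
            findings[host] = {"req_bytes": req[host], "resp_bytes": resp[host],
                              "ratio": round(ratio, 1)}
    return findings

if __name__ == "__main__":
    for host, f in slp_exposure(SAMPLE_FLOWS, "192.0.2.0/24").items():
        print(f"{host}: {f['ratio']}x ({f['req_bytes']} B in, {f['resp_bytes']} B out)")
```

Any host this flags should have UDP/427 blocked at the perimeter or SLP disabled, which is the mitigation the alert calls for.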
Not all trend analysis reports are created equal, but most offer a lesson learned or an enlightening nugget or two, and occasionally one stands out. One such report is Sophos’ 2023 Active Adversary Report for Business Leaders, which provides a picture of how threat actors are operating. The report is derived from over 150 incident response engagements selected from its 2022 workload.
WaterISAC convened its monthly Water Sector Cyber Threat Briefing on April 26. Brandon Carter, a cybersecurity specialist at EPA's Water Infrastructure and Cyber Resilience Division, presented.
Agenda - You’re Not in this Alone: EPA Cybersecurity Technical Assistance Program for the Water Sector