Cybersecurity

Mitsubishi Electric MELSEC iQ-R Series (Update A) (ICSA-20-282-02)

October 29, 2020

CISA has updated this advisory with additional information on the affected products and mitigation measures. Read the advisory at CISA.

October 8, 2020

Read more about Mitsubishi Electric MELSEC iQ-R Series (Update A) (ICSA-20-282-02)

WECON LeviStudioU (Update B) (ICSA-20-238-03) – Product Used in the Water and Wastewater and Energy Sectors

October 29, 2020

CISA has updated this advisory with additonal information on the researcher who reported the vulnerabilities. Read the advisory at CISA.

October 20, 2020

Read more about WECON LeviStudioU (Update B) (ICSA-20-238-03) – Product Used in the Water and Wastewater and Energy Sectors

CISA Alert: Ransomware Activity Targeting the Healthcare and Public Heath Sector

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has published a joint alert with the FBI and the U.S. Department of Health and Human Services describing the tactics, techniques, and procedures (TTPs) used by cybercriminals against targets in the healthcare and public health sector to infect systems with Ryuk ransomware for financial gain. In the alert, the authoring organizations state that they have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.

Read more about CISA Alert: Ransomware Activity Targeting the Healthcare and Public Heath Sector

SHUN HU Technology JUUKO Industrial Radio Remote Control (ICSA-20-301-01)

CISA has published an advisory on authentication bypass by capture-replay and command injection vulnerabilities in SHUN HU Technology JUUKO Industrial Radio Remote Control. JUUKO K-800 and K-808, with firmware versions prior to numbers ending ...9A, ...9B, ...9C, etc., are affected. Successful exploitation of these vulnerabilities could allow attackers to replay commands, control the device, view commands, and/or stop the device from running.

Read more about SHUN HU Technology JUUKO Industrial Radio Remote Control (ICSA-20-301-01)

Joint Cybersecurity Advisory on North Korean APT Kimsuky

Today the U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the U.S. Cyber Command published a joint cybersecurity advisory describing the tactics, techniques, and procedures used by the North Korean advanced persistent threat (APT) group Kimsuky.

Read more about Joint Cybersecurity Advisory on North Korean APT Kimsuky

FTC Advisory on Overpaid Utility Bill Scams

The Federal Trade Commission (FTC) has posted an advisory on overpaid utility bill scams. While primarily intended for consumers, a utility could provide this advisory to its customers to help them identify and avoid these scams. According to the advisory, in this scam a customer receives a robocall saying they paid too much on a utility bill. To make up for this mistake, they’ll get a cash refund and a discount on future bills. All they have to do is provide some information, such as their social security number or account details, to get their money and discount.

Read more about FTC Advisory on Overpaid Utility Bill Scams

Microsoft Releases Security Update for Edge - Updated October 26, 2020

October 26, 2020

Read more about Microsoft Releases Security Update for Edge - Updated October 26, 2020

15CFAM – Detecting and Responding to Cyber Threats is So Much FUN!

Ok, maybe it takes a cybersecurity nerd to think cyber threat detection and incident response is fun. But be assured, if you aren’t monitoring and detecting cyber threats against your organization, it’ll be anything but fun trying to respond to an attack or other cyber incident.

Read more about 15CFAM – Detecting and Responding to Cyber Threats is So Much FUN!

CISA and FBI Release Joint Advisories on Russian and Iranian APT Actors

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released two joint cybersecurity advisories on widespread advanced persistent threat (APT) activity. The first, on Russian APT actors, is an update to a previous CISA-FBI advisory (AA20-283A APT Actors Chaining Vulnerabilities against SLTT, Critical Infrastructure, and Elections Organizations, published on October 9, 2020) and provides information on targeting of U.S.

Read more about CISA and FBI Release Joint Advisories on Russian and Iranian APT Actors

15CFAM – Cybersecurity Culture is FUN

Alas! We get to one of my (Jennifer Lyn Walker) favorite 15CFAM topics, cybersecurity culture. Walking back through WaterISAC’s 15 Cybersecurity Fundamentals for Water and Wastewater Utilities guide, we wrap up another three relevant FUNdamentals into one. For this ‘15 Cybersecurity Fundamentals Awareness Month’ (15CFAM) series post we visit #8-Create a Cybersecurity Culture, #9-Develop and Enforce Cybersecurity Policies and Procedures, and #12-Tackle Insider Threats.

Read more about 15CFAM – Cybersecurity Culture is FUN

You are here

Cybersecurity

Mitsubishi Electric MELSEC iQ-R Series (Update A) (ICSA-20-282-02)

WECON LeviStudioU (Update B) (ICSA-20-238-03) – Product Used in the Water and Wastewater and Energy Sectors

CISA Alert: Ransomware Activity Targeting the Healthcare and Public Heath Sector

SHUN HU Technology JUUKO Industrial Radio Remote Control (ICSA-20-301-01)

Joint Cybersecurity Advisory on North Korean APT Kimsuky

FTC Advisory on Overpaid Utility Bill Scams

Microsoft Releases Security Update for Edge - Updated October 26, 2020

15CFAM – Detecting and Responding to Cyber Threats is So Much FUN!

CISA and FBI Release Joint Advisories on Russian and Iranian APT Actors

15CFAM – Cybersecurity Culture is FUN

Pages

You are here

Cybersecurity

Pages

Footer Email Signup