
Cybersecurity

It’s Difficult to Paint the OT/ICS Threat Landscape Picture when Incidents aren’t Reported

While there is clear interest in the OT/ICS cyber threat landscape, it is hard to paint an accurate picture when organizations do not report incidents – it’s like trying to paint a beautiful sunset with only black and white. Nonetheless, some organizations develop surveys with questions intended to capture the perceived issues and challenges, so that at least the broad strokes are covered. The latest such survey report comes from the SANS Institute, for which 480 of your OT/ICS peers have spoken – A SANS 2021 Survey: OT/ICS Cybersecurity. Keep in mind that survey results reflect what respondents perceive and are willing to disclose, not the incidents that actually occurred.

ProxyToken – the Most Recent Microsoft Exchange Vulnerability

Another vulnerability associated with Microsoft Exchange Server has been disclosed. The flaw, dubbed “ProxyToken,” allows a remote attacker to bypass authentication and alter the configuration of mailboxes on an Exchange server’s backend. A threat actor could exploit it to have every email sent to a chosen target mailbox copied and forwarded to a separate account under the attacker’s control, without the victim’s knowledge. Organizations running on-premises Exchange should confirm the relevant Microsoft security update is applied and review existing mailbox forwarding rules for entries they did not create.

Cybersecurity Hygiene – Password Re-use, not Just for Users

Users are not the only ones who suffer from password re-use across multiple sites, services, or devices. Unfortunately, many system administrators set the same local administrator password on every workstation for ease of technical support. But what is convenient for the sysadmin is also convenient for the threat actor who obtains the password hashes: because Windows stores local account passwords as unsalted NT hashes, a hash dumped from one workstation is identical on every other workstation using that password, and it can be replayed (pass-the-hash) to log on to all of them without ever being cracked. Pen Test Partners (PTP) briefly discusses the issues with admin password re-use and suggests a more secure solution than using the same local admin password across all workstations.
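The following is an added example, not code from the Pen Test Partners post this page summarises. It shows why a shared local administrator password is a single point of failure: it computes NT hashes (MD4 over the UTF-16LE password, unsalted) for a set of workstations, groups hosts that hold the same hash, which is exactly the set an attacker with one dumped hash can move to, and then contrasts that with a unique random password per host. The hostnames and the shared password are constructed sample data, and the per-host random password model is an assumption about what a safer scheme looks like; this page does not state which solution PTP recommends. MD4 is implemented inline because OpenSSL 3 builds of Python often no longer expose it through hashlib.

```python
"""Audit: which workstations share one local-admin NT hash?

Added example (not from the PTP post). Hostnames and passwords below are
constructed sample data. NT hash = MD4(UTF-16LE(password)), no salt, so a
reused password yields the identical hash on every host that uses it.
"""
import secrets
import struct
from collections import defaultdict

MASK = 0xFFFFFFFF


def _rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & MASK


def md4(data: bytes) -> bytes:
    """Pure-Python MD4 (RFC 1320), included because hashlib on OpenSSL 3
    builds frequently lacks the legacy md4 algorithm."""
    f = lambda x, y, z: (x & y) | (~x & z)
    g = lambda x, y, z: (x & y) | (x & z) | (y & z)
    h = lambda x, y, z: x ^ y ^ z
    # Padding: 0x80, zeros to 56 mod 64, then the bit length as little-endian u64.
    msg = data + b"\x80"
    msg += b"\x00" * ((56 - len(msg) % 64) % 64)
    msg += struct.pack("<Q", len(data) * 8)
    a, b, c, d = 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476
    for off in range(0, len(msg), 64):
        x = struct.unpack("<16I", msg[off:off + 64])
        aa, bb, cc, dd = a, b, c, d
        # Three rounds of 16 steps; word order and shift amounts per RFC 1320.
        rounds = (
            (f, 0x00000000, list(range(16)), (3, 7, 11, 19)),
            (g, 0x5A827999, [(i % 4) * 4 + i // 4 for i in range(16)], (3, 5, 9, 13)),
            (h, 0x6ED9EBA1, [0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15], (3, 9, 11, 15)),
        )
        for func, const, order, shifts in rounds:
            for i, k in enumerate(order):
                s = shifts[i % 4]
                if i % 4 == 0:
                    a = _rotl((a + func(b, c, d) + x[k] + const) & MASK, s)
                elif i % 4 == 1:
                    d = _rotl((d + func(a, b, c) + x[k] + const) & MASK, s)
                elif i % 4 == 2:
                    c = _rotl((c + func(d, a, b) + x[k] + const) & MASK, s)
                else:
                    b = _rotl((b + func(c, d, a) + x[k] + const) & MASK, s)
        a, b, c, d = (a + aa) & MASK, (b + bb) & MASK, (c + cc) & MASK, (d + dd) & MASK
    return struct.pack("<4I", a, b, c, d)


def nt_hash(password: str) -> str:
    """NT hash as stored in the SAM: MD4 of the UTF-16LE password, unsalted."""
    return md4(password.encode("utf-16-le")).hex()


def shared_hash_groups(local_admin_hashes: dict) -> list:
    """Given {hostname: NT hash} (as dumped from each host's SAM), return the
    groups of hosts that share a hash, largest group first. Any group with
    more than one member is a pass-the-hash lateral-movement path."""
    by_hash = defaultdict(list)
    for host, digest in local_admin_hashes.items():
        by_hash[digest].append(host)
    groups = [sorted(hosts) for hosts in by_hash.values() if len(hosts) > 1]
    return sorted(groups, key=len, reverse=True)


def unique_per_host_passwords(hosts, length=20) -> dict:
    """Assumed safer model: a distinct random local admin password per host,
    kept in a vault rather than in a script or group policy."""
    return {h: secrets.token_urlsafe(length) for h in hosts}


HOSTS = ["WS-001", "WS-002", "WS-003", "WS-004"]  # constructed sample hostnames

if __name__ == "__main__":
    # Bad practice: one shared local admin password on every workstation.
    shared = {h: nt_hash("Summer2021!") for h in HOSTS}  # constructed sample password
    print("shared password ->", shared_hash_groups(shared))  # one group of all four hosts

    # Better: a unique password per host, so one dumped hash opens one host.
    per_host = {h: nt_hash(p) for h, p in unique_per_host_passwords(HOSTS).items()}
    print("unique passwords ->", shared_hash_groups(per_host))  # []
```

In practice the input to `shared_hash_groups` would be the local administrator hashes collected from each host during an authorised assessment; any group it returns is a set of machines that fall together the moment one of them is compromised.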

FBI FLASH: Indicators of Compromise Associated with Hive Ransomware

The FBI has published another TLP:WHITE FLASH providing indicators of compromise associated with “Hive” ransomware. The FLASH indicates that Hive ransomware, first observed in June 2021 and likely operated as an affiliate-based campaign, primarily uses phishing and remote desktop protocol (RDP) attacks to gain access to a company’s network. After compromising a network, the attackers exfiltrate data and then encrypt files, leaving a ransom note with further instructions. Defenders should load the published indicators into their detection tooling and review exposed RDP services, since exfiltration before encryption means a backup restore alone does not resolve the incident.
