You are here

Home » Cybersecurity

Cybersecurity

GE Digital APM Classic (ICSA-20-266-01) – Product Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on authorization bypass through user-controlled key and use of a one-way hash without a salt vulnerabilities in GE Digital APM Classic. Versions 4.4 and prior are affected. Successful exploitation of these vulnerabilities could allow access to sensitive information. GE Digital APM Classic 4.5 contains mitigations for these vulnerabilities. GE Digital recommends all users upgrade to GE Digital APM Classic 4.5 or newer. CISA recommends a series of measures to mitigate the vulnerabilities.

CISA Alert: LokiBot Malware

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has published a new alert about the LokiBot malware, which it notes it has observed a notable increase in the use of by malicious cyber actors since July 2020. According to the alert, LokiBot uses a credential- and information-stealing malware, often sent as a malicious attachment and known for being simple, yet effective, making it an attractive tool for a broad range of cyber actors across a wide variety of data compromise use cases.

CISA Strongly Recommends Patching Critical Vulnerability in Microsoft Windows Netlogon Remote Protocol

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has released Emergency Directive (ED) 20-04 addressing a critical vulnerability – CVE-2020-1472 – affecting Microsoft Windows Netlogon Remote Protocol. ED 20-04 applies to federal government departments and agencies, requiring that they apply updates and report completion to CISA by Wednesday, September 23.

Drupal Releases Security Updates – Updated September 17, 2020

September 17, 2020

Drupal has released security updates to address vulnerabilities in Drupal 7.x, 8.8.x, 8.9.x, and 9.0.x. An attacker could exploit some of these vulnerabilities to obtain sensitive information or leverage the way HTML is rendered. CISA encourages users and administrators to review the following Drupal security updates and apply the necessary updates. Read the advisory at CISA.

Tags: 
us-cert drupal

FERC and NERC Publish Cyber Planning for Response and Recovery Study (CYPRES) Report

The Federal Energy Regulatory Commission (FERC) and the North American Electricity Reliability Corporation (NERC) published a report this week on cyber planning for response and recovery that outlines best practices for the electric utility industry. The report includes observations on defensive capabilities and effectiveness of Incident Response and Recovery (IRR) plans. The report identifies common elements among the IRR plans and best practices of effective IRR plans.

FBI FLASH: Intrusion Activities of China-based Cyber Actors Associated with APT 41

The FBI has published a (TLP:WHITE) FLASH message providing technical details of cyber actors based in China, associated with APT 41, who have been indicted for computer intrusions affecting more than 100 victim companies in the U.S. and abroad. Some of the targeted victims were in the “government” industry. The FLASH describes how the actors used a wide range of tactics to gain initial access, including spear-phishing and by exploiting publicly identified security vulnerabilities, including those involving VPNs.

Advtantech WebAccess Node (ICSA-20-261-01)

CISA has published an advisory on an incorrect permission assignment for critical resource vulnerability in Advtantech WebAccess Node. All versions prior to 9.0.1 are affected. Successful exploitation of this vulnerability could allow an attacker to escalate their privileges. Advantech has released update 9.0.1 to mitigate this vulnerability. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.

Vulnerability Management – Considerations in OT/ICS Vulnerability Assessments

Identifying and remediating vulnerabilities are paramount to a successful cybersecurity strategy. While vulnerability disclosures, CVEs, and CVSS scores are a good place to start when addressing security gaps, neither offers a complete picture or effective assessment for OT/ICS environments. After ten years of vulnerability assessments, industrial cybersecurity firm Verve has observed several common gaps and offers their top five considerations every OT/ICS environment can benefit from understanding.

Pages

Subscribe to Cybersecurity