You are here

Home » Cybersecurity

Cybersecurity

National Insider Threat Awareness Month – More Resources to Tackle Insider Threats

Continuing in the spirit of National Insider Threat Awareness Month (NITAM), the InfraGardNCR chapter has publicly posted an excellent Vantage Point blog outlining a basic framework for building, reviewing, and strengthening insider threat programs. In the post, Jim Stone highlights nine fundamental steps for any size and type of organization to follow.

CISA Alert: Chinese Government-affiliated Malicious Cyber Activity

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has published a new alert about cyber threat actors affiliated with the Chinese government – specifically the Ministry of State Security – targeting U.S. government agencies. CISA developed the alert with contributions from the FBI. The alert states that the threat actors are using open-source information to plan and conduct cyber operations and employing readily available exploits and exploit toolkits to quickly engage target networks.

HMS Networks Ewon Flexy and Cosy (ICSA-20-254-03) – Products Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on a permissive cross-domain policy with untrusted domains vulnerability in HMS Networks Ewon Flexy and Cosy. All versions prior to 14.1 are affected. Successful exploitation of this vulnerability could allow attackers to retrieve limited confidential information. HMS Networks recommends a series of mitigations for the vulnerability. CISA recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.

FATEK Automation PLC WinProladder (ICSA-20-254-02)

CISA has published an advisory on a stack-based buffer overflow vulnerability in FATEK Automation PLC WinProladder. Versions 3.28 and prior are affected. Successful exploitation of this vulnerability could crash the device being accessed; a buffer overflow condition may cause a denial-of-service event and remote code execution. FATEK has not responded to requests to work with CISA to mitigate this vulnerability. Users of these affected products who would like to see more responsible security are invited to contact Fatek customer support.

AVEVA Enterprise Data Management Web (ICSA-20-254-01)

CISA has published an advisory on an SQL injection vulnerability in AVEVA Enterprise Data Management Web. Enterprise Data Management Web v2019 and prior are affected. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected device. AVEVA reports that affected users are recommended to upgrade to AVEVA Enterprise Data Management Web v2019 SP1 as soon as possible. If an upgrade to v2019 SP1 is not possible, users can contact AVEVA Global Customer Support, and a hot-fix can be made available for eDNA Web v2018 SP2.

2020 State of the Homeland Address

Yesterday U.S. Department of Homeland Security (DHS) Secretary Chad Wolf delivered the 2020 State of the Homeland Address. In his address Secretary Wolf reflected on how DHS has evolved since it was founded more than 17 years ago. Speaking of this evolution, he discussed some of today’s potential threat vectors that didn’t exist at the time of the Department’s inception, which include smart phones and cryptocurrency.

Microsoft Releases September 2020 Security Updates

Microsoft has released its monthly update to address vulnerabilities in its software. For this month, Microsoft has released security updates for Microsoft Windows, Microsoft Edge (EdgeHTML and Chromium-based), Microsoft ChakraCore, Internet Explorer, SQL Server, Microsoft JET Database Engine, Microsoft Office and Microsoft Office Services and Web Apps, Microsoft Dynamics, Visual Studio, Microsoft Exchange Server, SQL Server, ASP.NET, Microsoft OneDrive, and Azure DevOps.

Pages

Subscribe to Cybersecurity