The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have jointly published the Ransomware Guide, which details practices organizations should engage in to help manage the risk posed by ransomware. The guide consist of two parts, with the first providing best practices to prevent attacks and the second consisting of a response checklist.
The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has released the Telework Essentials Toolkit, a comprehensive resource of telework best practices. The Toolkit provides three personalized modules for executive leaders, IT professionals, and teleworkers. Each module outlines distinctive security considerations appropriate for their role:
The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis report on a recent threat actor’s cyber attack on a federal agency’s enterprise network.
CISA has published an advisory on SQL injection, cross-site request forgery, and command injection vulnerabilities in MB connect line mbCONNECT24 and mymbCONNECT 24. For both products, versions 2.6.1 and prior are affected. Successful exploitation of these vulnerabilities could allow a remote attacker to gain unauthorized access to arbitrary information or allow remote code execution. MB connect line recommends users update mymbCONNECT24 and mbCONNECT24 to Version 2.6.2 or higher. CISA also recommends a series of measures to mitigate the vulnerabilities.
CISA has published an advisory on path traversal, uncontrolled resource consumption, information exposure, improper authentication, and information disclosure vulnerabilities in B&R Automation SiteManager and GateManager. Numerous versions of these products are affected. Successful exploitation of these vulnerabilities could allow for arbitrary information disclosure, manipulation, and a denial-of-service condition. B&R Industrial Automation reports the vulnerabilities have been fixed in other versions. CISA also recommends a series of measures to mitigate the vulnerabilities.
CISA has published an advisory on a buffer copy without checking size of input vulnerability in Yokogawa WideField3. WideField3 R1.01 – R4.-3 are affected. Successful exploitation of this vulnerability could terminate the program abnormally. Yokogawa has prepared revision R4.04 to address this vulnerability and recommends that users switch to this revision. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.
They say “knowledge is power.” Therefore, knowing what assets you have, knowing where your vulnerabilities are (and fixing them), and knowing how to handle an incident and respond when your assets are compromised and vulnerabilities are exploited would seem to be a powerful advantage in cyber risk management. We know these are not the only programs for a successful ICS cyber risk management strategy, but one could argue they are foundational.
Tyler Technologies, a very large technology provider for the U.S. public sector, was impacted by a ransomware attack last week. It is reported that RansomExx ransomware was responsible for the attack.
September 25, 2020
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates. Read the advisory at CISA.
September 17, 2020
The National Security Agency (NSA) has just released Selecting and Safely Using Multifactor Authentication Solutions, which it intends to help partners more securely select and use multi-factor authentication (MFA) capabilities.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
