Cybersecurity

Paying ransom demands in the hopes of regaining access to critical data is controversial, to say the least. Succumbing to extortion goes against conventional advice and wisdom against incentivizing the cybercrime business model, but sometimes organizations feel they have no other choice and paying seems like the best option at the time. However, paying a ransom is not straightforward.

The NCCIC has published an advisory on an improper input validation vulnerability in KACE Systems Management Appliance. All versions of 8.0.x, 8.1.x, and 9.0.x are affected. Successful exploitation of this vulnerability could allow an administrative user unintentional access to the underlying operating system of the device. Quest recommends affected users upgrade to Version 9.1 or newer. The NCCIC also advises of a series of measures for mitigating the vulnerability. Read the advisory at CISA.

With escalating tensions against the US from Iran, their perceived allies and proxies we have been informed of the increased cyber threat particularly against our industrial control systems. As the very same systems that provide for our livelihoods are being targeted by faceless enemies egregiously putting human lives at risk, it is past time for rules of engagement for cyber war to be agreed upon before lives are lost.

The NCCIC has published an advisory on use of hard-coded credentials vulnerability in ABB CP635 HMI. Numerous products and versions of these products are affected. Successful exploitation of this vulnerability could allow an attacker to prevent legitimate access to an affected system node, remotely cause an affected system node to stop, take control of an affected system node, or insert and run arbitrary code in an affected system node. ABB recommends users apply the BSP update on affected CP600 control panels at their earliest convenience.