You are here

Home

Cybersecurity

October is National Cyber Security Awareness Month

This October, National Cybersecurity Awareness Month (NCSAM) is commemorating its fifteenth year as an annual initiative to raise awareness about the importance of cybersecurity. This year’s theme is: “Cybersecurity is our shared responsibility and we all must work together to improve our Nation’s cybersecurity.” DHS has released the NCSAM 2018 Toolkit, a comprehensive guide with resources intended to make it easy for organizations, regardless of size or industry, to engage and promote NCSAM.

Despite their Decreasing Numbers, USBs are Still Leveraged to Conduct Attacks

The use of USBs as an essential business tool is declining, but millions of these devices are still produced and distributed annually, with many given away in marketing promotion campaigns and at trade shows and destined for use in homes and businesses. USBs have been exploited by cyber threat actors, most famously by the Stuxnet worm in 2010, and remain a target for cyber threats. Kaspersky Lab data for 2017 shows that every 12 months or so, around one in four users worldwide is affected by a ‘local’ cyber incident.

Tec4Data SmartCooler (ICSA-18-263-01)

The NCCIC has released an advisory on a missing authentication for critical function vulnerability in Tec4Data Smart Cooler. All versions prior to firmware 180806 are affected. Successful exploitation of this vulnerability could cause the device to shut down by exploiting missing authentication for a critical function. Tec4Data has released new firmware to address the vulnerability and has distributed the new firmware to affected devices. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities.

Rockwell Automation RSLinx Classic (ICSA-18-263-02) – Product Used in the Water and Wastewater and Energy Sectors

The NCCIC has released an advisory on an uncontrolled search path element vulnerability in Rockwell Automation RSLinx Classic. Versions 4.00.01 and prior are affected. Successful exploitation of these vulnerabilities could crash the device being accessed or allow arbitrary code execution on the device. Rockwell Automation has released a new version of the software and also reports that users can disable Port 44818 if it is not utilized during system operation. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities.

Cyber Criminals Utilize Social Engineering Techniques to Obtain Employee Credential to Conduct Payroll Diversion

The FBI’s Internet Crime Complaint Center (IC3) has released a Public Service Announcement (PSA) noting it has has received complaints reporting cybercriminals are targeting the online payroll accounts of employees in a variety of industries. According to the PSA, cyber criminals target employees through phishing emails designed to capture an employee’s login credentials. Once the cyber criminal has obtained an employee’s credentials, the credentials are used to access the employee’s payroll account in order to change their bank account information.

WECON PLC Editor (ICSA-18-261-01) - Product Used in the Water and Wastewater and Energy Sectors

The NCCIC has released an advisory on a stack-based buffer overflow vulnerability in WECON PLC Editor. For SCALANCE X300 and X408, all versions prior to 4.0.0 are affected. Version 1.3.3U is affected. Successful exploitation of this vulnerability could result in unauthorized code execution within the current process. WECON has verified the vulnerability but has not yet released an updated version. All users should limit application interaction to only trusted files and update software to the latest version as updates become available.

Pages

Subscribe to Cybersecurity