The Cybersecurity and Infrastructure Security Agency (CISA) is aware of a vulnerability (CVE-2019-1125) known as SWAPGS, which is a variant of Spectre Variant 1 – that affects modern computer processors. This vulnerability can be exploited to steal sensitive data present in a computer systems' memory. Spectre is a flaw an attacker can exploit to force a program to reveal its data.
The Federal Trade Commission (FTC) has released an alert on the Capital One data breach that exposed the personal information of 106 million Capital One credit card customers and applicants. FTC reminds users to check and monitor their credit report to protect against identify theft and to be aware of potential phishing scams related to the breach.
In the wake of the recent shootings in El Paso, TX, and Dayton, OH, the Cybersecurity and Infrastructure Security Agency (CISA) advises users to watch out for possible malicious cyber activity seeking to capitalize on these tragic events. Users should exercise caution in handling emails related to the shootings, even if they appear to originate from trusted sources. Fraudulent emails often contain links or attachments that direct users to phishing or malware-infected websites. Emails requesting donations from duplicitous charitable organizations are also common after tragic events.
The National Institute of Standards and Technology (NIST) National Cybersecurity Center of Excellence (NCCoE) has published Cybersecurity Practice Guide: Multifactor Authentication for E-Commerce, which discusses multifactor authentication (MFA) protection methods that can be implemented to reduce fraudulent purchases. Although this guide it specifically intended for online retailers, it can still be of use to any organization that receives payments from customers in online environments.
Cybersecurity firm Proofpoint identified a new spear phishing campaign that targeted three undisclosed U.S. utilities. Based on overlaps with historical campaigns and macros utilized, Proofpoint believes the campaign is state-sponsored. The convincing phishing lures purport to come from the National Council of Examiners for Engineering and Surveying (NCEES), a business that handles professional licensing for engineers and surveyors, indicating the threat actors have a decent amount of industry knowledge.
The NCCIC has published an advisory on unverified ownership and uncontrolled memory allocation vulnerabilities in 3S-Smart Software Solutions GmbH CODESYS V3. All variants of a series of CODESYS V3 products in all versions prior to v3.5.14.20 that contain the CmpGateway component are affected, regardless of the CPU type or operating system. Successful exploitation of these vulnerabilities could allow a remote attacker to close existing communication channels or to take over an already established user session to send crafted packets to a PLC.
The NCCIC has published an advisory on an out-of-bounds read vulnerability in Fuji Electric FRENIC Loader. Versions 3.5.0.0 and prior are affected. Successful exploitation of this vulnerability could allow information disclosure. Fuji Electric has released a new version of FRENIC Loader that addresses the reported vulnerability. The NCCIC also advises of a series of measures for mitigating the vulnerability. Read the advisory at CISA.
The NCCIC has released an advisory on out-of-bounds read and type confusion vulnerabilities in LCDS LAquis. SCADA 4.3.1.71 is affected. Successful exploitation of these vulnerabilities could allow an attacker to obtain confidential information or execute remote code. LCDS recommends users update to Version 4.3.1.323. The NCCIC also advises of a series of measures for mitigating the vulnerability. Read the advisory at CISA.
The NCCIC has published an advisory on an out-of-bounds write vulnerability in Advantech WebAccess HMI Designer. Versions 2.1.9.23 and prior are affected. Successful exploitation of this vulnerability may allow an attacker to remotely execute arbitrary code. Advantech has released Version 2.1.9.31 of WebAccess HMI Designer to address the reported vulnerability. The NCCIC also advises of a series of measures for mitigating the vulnerability. Read the advisory at CISA.
Unit 42, which describes itself as “the global threat intelligence team” at Palo Alto Networks, has released 11 new “Adversary Playbooks” that present the tools, techniques, and procedures (TTPs) used by cyber threat actors. The addition of the newest Playbooks nearly doubles the number in Unit 42’s collection, which now stands at 21.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
