You are here

Home » Cybersecurity

Cybersecurity

UK Cyber Incident Trends Report

The UK’s National Cyber Security Centre (NCSC) has published a report detailing cyber incident trends in the country from October 2018 to April 2019, which the U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to review. It reveals that five main threats and threat vectors affected UK organizations: cloud services, and Office 365 in particular; ransomware; phishing; vulnerability scanning; and supply chain attacks.

Potential Hurricane Dorian Cyber Scams

The Cybersecurity and Infrastructure Security Agency (CISA) warns users to remain vigilant for malicious cyber activity targeting Hurricane Dorian disaster victims and potential donors. Fraudulent emails commonly appear after major natural disasters and often contain links or attachments that direct users to malicious websites. Users should exercise caution in handling any email with a hurricane-related subject line, attachment, or hyperlink. In addition, users should be wary of social media pleas, texts, or door-to-door solicitations relating to severe weather events.

EZAutomation EZ PLC Editor (ICSA-19-246-02)

The NCCIC has published an advisory on an improper restriction of operations within the bounds of a memory buffer vulnerability in EZAutomation EZ PLC Editor. Versions 1.8.41 and prior are affected. Successful exploitation of this vulnerability could allow an attacker to execute code under the privileges of the application. EZAutomation recommends users update to Version 1.9.0 or later and, to further reduce the risk, to use project files from known sources. The NCCIC also recommends a series of measures to mitigate the vulnerability.

EZAutomation EZ Touch Editor (ICSA-19-246-01)

The NCCIC has published an advisory on a stack-based buffer overflow vulnerability in EZAutomation EZ Touch Editor. Versions 2.1.0 and prior are affected. Successful exploitation of this vulnerability could allow an attacker to execute code under the privileges of the application. EZAutomation recommends users update to Version 2.2.0 or later and, to further reduce the risk, to use project files from known sources. The NCCIC also recommends a series of measures to mitigate the vulnerability.

BEC Overtakes Ransomware and Data Breaches in Cyber Insurance Claims

According to insurance company AIG, business email compromise (BEC) has overtaken ransomware and data breaches as the main reason companies filed a cyber-insurance claim. According to statistics published by the company in July, which was for the EMEA (Europe, the Middle East, and Asia) region, BEC-related insurance filings accounted for nearly a quarter (23%) of all cyber-insurance claims the company received in 2018.

Datalogic AV7000 Linear Barcode Scanner (ICSA-19-239-02)

The NCCIC has published an advisory on an authentication bypass using an alternate path of channel vulnerability in Datalogic AV7000 Linear Barcode Scanner. All versions prior to 4.6.0.0 are affected. Successful exploitation of this vulnerability could allow a remote attacker to bypass authentication through issues in the HTTP authentication process. Datalogic reports a new version of the firmware was released to mitigate the reported vulnerability. The NCCIC also recommends a series of measures to mitigate the vulnerability.

Delta Controls enteliBUS Controllers (ICSA-19-239-01)

The NCCIC has published an advisory on a buffer overflow vulnerability in enteliBUS Controllers. Multiple products and versions of these products are affected. Successful exploitation of this vulnerability could allow an attacker on the same network to gain complete control of the device’s operating system and allow remote code execution. Delta Controls recommends users upgrade from enteliBUS 3.40 firmware to Version 3.40 R6 build 612850. Additionally, Delta Controls states it is important buildings are updated to the 3.40 R6 release to mitigate risk.

15 Cybersecurity Fundamentals Revisited – #1 Perform Asset Inventories

The ongoing process of asset management is foundational for assessing, prioritizing, and managing risk across the entire organization. Without knowing what assets you have, there is nothing meaningful to inform other risk management programs such as vulnerability management, governance, incident response, etc. WaterISAC's 15 Cybersecurity Fundamentals for Water and Wastewater Utilities discusses the importance of including asset characteristics beyond just a list of devices for a comprehensive inventory record.

15 Cybersecurity Fundamentals Refresher – #4 Enforce User Access Controls

When internet giants Microsoft and Google make bold statistics about stopping greater than 99% of automated attacks by using multifactor authentication (MFA), it is probably a good idea to heed their advice. According to Alex Weinert, Group Program Manager for Identity Security and Protection at Microsoft, based on their studies, accounts are more than 99.9% less likely to be compromised when using MFA.

Pages

Subscribe to Cybersecurity