Paying ransom demands in the hopes of regaining access to critical data is controversial, to say the least. Succumbing to extortion goes against conventional advice and wisdom against incentivizing the cybercrime business model, but sometimes organizations feel they have no other choice and paying seems like the best option at the time. However, paying a ransom is not straightforward.
The Australian Cyber Security Centre (ACSC) has released updates to its Essential Eight Maturity Model. The model assists organizations in determining the maturity of their implementation of the Essential Eight – ACSC’s list of the top mitigation strategies to help organizations protect their systems against threats.
The NCCIC has published an advisory on an improper input validation vulnerability in KACE Systems Management Appliance. All versions of 8.0.x, 8.1.x, and 9.0.x are affected. Successful exploitation of this vulnerability could allow an administrative user unintentional access to the underlying operating system of the device. Quest recommends affected users upgrade to Version 9.1 or newer. The NCCIC also advises of a series of measures for mitigating the vulnerability. Read the advisory at CISA.
In the face of the diminished air-gap, former NSA Director and U.S. Cyber Commander, Michael S. Rogers, and Claroty’s Chief Security Officer Dave Weinstein suggest America’s critical infrastructure is not vulnerable because it is digital or automated, but because the attackers know the terrain better than the defenders.
With escalating tensions against the US from Iran, their perceived allies and proxies we have been informed of the increased cyber threat particularly against our industrial control systems. As the very same systems that provide for our livelihoods are being targeted by faceless enemies egregiously putting human lives at risk, it is past time for rules of engagement for cyber war to be agreed upon before lives are lost.
The NCCIC has published an advisory on a use of hard-coded credentials vulnerability in SICK MSC800. All versions prior to 4.0 are affected. Successful exploitation of this vulnerability could allow a low-skilled remote attacker to reconfigure settings and/or disrupt the functionality of the device. SICK recommends affected users upgrade to the latest firmware version (v4.0). The NCCIC also advises of a series of measures for mitigating the vulnerabilities. Read the advisory at CISA.
The NCCIC has published an advisory on use of hard-coded credentials vulnerability in ABB CP635 HMI. Numerous products and versions of these products are affected. Successful exploitation of this vulnerability could allow an attacker to prevent legitimate access to an affected system node, remotely cause an affected system node to stop, take control of an affected system node, or insert and run arbitrary code in an affected system node. ABB recommends users apply the BSP update on affected CP600 control panels at their earliest convenience.
The NCCIC has published an advisory on use of hard-coded credentials vulnerability in ABB CP651 HMI. Numerous products and versions of these products are affected. Successful exploitation of this vulnerability could allow an attacker to prevent legitimate access to an affected system node, remotely cause an affected system node to stop, take control of an affected system node, or insert and run arbitrary code in an affected system node. ABB recommends users apply the BSP update on affected CP600 control panels at their earliest convenience.
The NCCIC has published an advisory on use of hard-coded credentials, improper authentication, relative path traversal, improper input validation, and stack-based buffer overflow vulnerabilities in ABB PB610 Panel Builder 600. PB610 Panel Builder 600, order code: 1SAP500900R0101, versions 1.91 to 2.8.0.367 and prior are affected.
The NCCIC has published an advisory on Path Traversal, Stack-based Buffer Overflow, Heap-based Buffer Overflow, Out-of-bounds Read, Out-of-bounds Write, and Untrusted Pointer Dereference vulnerabilities in Advantech WebAccess/SCADA. Versions 8.3.5 and prior are affected. Successful exploitation of these vulnerabilities may allow information disclosure, deletion of files, and remote code execution. Advantech has released Version 8.4.1 of WebAccess/SCADA to address the reported vulnerabilities. The NCCIC also advises of a series of measures for mitigating the vulnerabilities.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
