Cybersecurity

Latest Version of CIS Controls Features New Implementation Groups

The Center for Internet Security (CIS), the home of WaterISAC’s partner MS-ISAC, has announced enhancements to its CIS Controls with the release of version 7.1. This latest version introduces Implementation Groups (IGs) to the CIS Controls. The IGs are a simple and accessible way to help organizations classify themselves and focus their security resources and expertise while leveraging the value of the CIS Controls. The CIS Controls are internationally-recognized cybersecurity best practices for defense against common threats; they have been downloaded more than 150,000 times to date.

Rockwell Automation Stratix 5950 (ICSA-19-094-04) – Products Used in the Water and Wastewater and Energy Sectors

The NCCIC has published an advisory on resource management error and improper input validation vulnerabilities in Rockwell Automation Stratix 5950. Numerous products are affected. Successful exploitation of these vulnerabilities could allow a remote attacker to cause an affected device to reload. Rockwell Automation recommends that users not use any IPsec virtual private network (VPN) connections and apply a series of general guidelines. The NCCIC has also provided a series of measures for mitigating the vulnerabilities.

Rockwell Automation Stratix 5400/5410/5700/8000/8300 and ArmorStratix 5700 (ICSA-19-094-03) – Products Used in the Water and Wastewater and Energy Sectors

The NCCIC has published an advisory on resource management error and improper input validation vulnerabilities in Rockwell Automation Stratix 5400/5410/5700/8000/8300 and ArmorStratix 5700. Numerous products and versions of those products are affected. Successful exploitation of these vulnerabilities could result in a denial-of-service condition or time synchronization issues across the network via a device reload, a buffer overflow, or memory exhaustion. Rockwell Automation recommends that users upgrade to the latest versions and apply a series of general guidelines.

Rockwell Automation Stratix 5400/5410/5700 and ArmorStratix 5700 (ICSA-19-094-02) – Products Used in the Water and Wastewater and Energy Sectors

The NCCIC has published an advisory on an uncontrolled resource consumption vulnerability in Rockwell Automation Stratix 5400/5410/5700 and ArmorStratix 5700. Numerous products and versions of those products are affected. Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to cause a memory leak on an affected device, which may cause the device to reload. Rockwell Automation recommends that users upgrade to FRN 15.2(6)E2a or later and apply a series of general guidelines.

Omron CX-Programmer (ICSA-19-094-01)

The NCCIC has published an advisory on a use-after-free vulnerability in Omron CX-Programmer within CX-One. CX-Programmer v9.70 and prior and Common Components January 2019 and prior are affected. Successful exploitation of this vulnerability could allow an attacker to execute code with the privileges of the application. Omron has released an updated version of CX-One to address the vulnerability. The NCCIC has also provided a series of measures for mitigating the vulnerability.

Water/Wastewater - The Most Critical of All? We Think So!

In the latest installment of its series on compromising vital infrastructure, cybersecurity firm Malwarebytes provides a high-level review of cyber threats to the water sector and of the interdependencies between water and other critical infrastructure sectors. The author makes a compelling case that water/wastewater could be the most critical sector of all (but we already know that).

Advantech WebAccess/SCADA (ICSA-19-092-01) – Product Used in the Water and Wastewater and Energy Sectors

The NCCIC has published an advisory about command injection, stack-based buffer overflow, and improper access control vulnerabilities in Advantech WebAccess/SCADA. WebAccess/SCADA Versions 8.3.5 and prior are affected. Successful exploitation of these vulnerabilities may cause a denial of service and allow remote code execution. Advantech has released Version 8.4.0 of WebAccess/SCADA to address the reported vulnerabilities. The NCCIC has also provided a series of measures for mitigating these vulnerabilities.

Supply Chain Integrity Month

April is Supply Chain Integrity Month. The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the Office of the Director of National Intelligence (ODNI), and the Department of Defense (DOD) are partnering to promote the importance of supply chain security and risk management. Breaches in the supply chain provide an opportunity for malicious software or hardware to be installed on equipment.

LockerGoga Security Primer

The Multi-State ISAC (MS-ISAC) has published a Security Primer on the LockerGoga malware. This product provides an overview of the malware, lists indicators of compromise associated with it, includes a series of examples of the ransom notes left by the malware, and discusses recommendations for protecting organizations against LockerGoga activity. WaterISAC has been monitoring and reporting on LockerGoga since it was first disclosed that the malware was targeting industrial firms, the first of which appears to have been the Norwegian aluminum producer Norsk Hydro.
