According to an article from Symantec, attacks on industrial control systems (ICS) and Internet of Things (IoT) on the upswing, but organizations aren’t always doing enough to defend themselves. Symantec notes it logged a six-fold increase in the number attacks on customers' IoT systems last year. Elsewhere, 41 percent of ICS computers were attacked in the first half of 2018, up from 37 percent a year earlier.
It may seem strange that nation states are behind breaches of companies like Marriott and Delta. Such attacks would seem to be done for financial gain, a motive that is more often attributed to individuals and criminal groups than countries. As an article from Radware explains, foreign intelligence agencies can accumulate a lot of information about these companies’ customers from these breaches, which they can use to build profiles of certain individuals.
The Director of National Intelligence (DNI) has released the 2019 National Intelligence Strategy, which is intended to provide the U.S. intelligence community with strategic direction for the next four years. In its opening pages, the document notes that the strategic environment is changing rapidly, with threats continuing to be posed by traditional adversaries as well as emerging from new actors and technologies like violent extremist groups and cyber tools.
The NCCIC has published an advisory on path traversal and improper authentication vulnerabilities in Johnson Controls Facility Explorer. Versions 14.x prior to 14.4u1 and 6.x prior to 6.6 are affected. Successful exploitation of these vulnerabilities could allow an attacker to read, write, and delete sensitive files to gain administrator privileges in the Facility Explorer system. Johnson Controls has mitigated these vulnerabilities in the updated versions, which the NCCIC recommends users upgrade to. The NCCIC also advises on a series of mitigating measures for this vulnerability.
January 28 is Data Privacy Day (DPD), an annual effort to promote data privacy awareness and education. This year’s DPD events, sponsored by the National Cyber Security Alliance (NCSA), focus around the theme, A New Era in Privacy.
An article from CSO magazine describes how a hacker can send someone an email and capture their password hash, and then crack it to a plaintext password that can be used to access their accounts. Hashing is the act of converting passwords into unreadable strings of characters that are designed to be impossible to convert back, known as hashes. Cracking the password hash is possible because under easy-to-simulate circumstances, embedded links in an email can cause your computer to try authenticating to a remote server.
Cybersecurity company Check Point has just published its 2019 Security Report, presenting its analysis of the cyber threat environment collected from its global network of threat sensors and a new survey of IT professionals and C-suite level executives. Among its most interesting findings, the report notes that 37 percent of organizations globally were impacted by cryptomining malware in 2018. The report also states that cryptomining malware has evolved to exploit high-profile vulnerabilities and to evade sandboxes and security products to expand infection rates.
The NCCIC has released an advisory on improper authentication and cross-site scripting vulnerabilities in ControlByWeb X-320M. Versions 1.05 and prior are affected. Successful exploitation of these vulnerabilities may allow arbitrary code execution and could cause the device being accessed to require a physical factory reset to restore the device to an operational state. ControlByWeb has released a firmware update to address the vulnerabilities found on the X-320M. The NCCIC also advises on a series of mitigating measures for this vulnerability.
The NCCIC has released an advisory on an improper input validation vulnerability in ABB CP400 Panel Builder TextEditor 2.0. Versions 2.0.7.05 and prior are affected. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code and cause a denial-of-service condition within the Text Editor application. ABB recommends users of affected Versions 2.0.7.05 and prior update to the latest Version 2.1.7.21. The NCCIC also advises on a series of mitigating measures for this vulnerability.
An upward trend has been recorded with business email compromise (BEC) scams where fraudsters trick human resource departments into changing an employee's direct deposit information to divert paychecks into an account they control. In a typical BEC scam, the fraudster sends an email to an employee authorized to make wire transfers and deceives them into sending the money into an unauthorized account. The underlying principle remains the same, only this time the victim could be anyone in the company.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
