The NCCIC reports it is aware of a global Domain Name System (DNS) infrastructure hijacking campaign. Using compromised credentials, an attacker can modify the location to which an organization’s domain name resources resolves. This enables the attacker to redirect user traffic to attacker-controlled infrastructure and obtain valid encryption certificates for an organization’s domain names, enabling man-in-the-middle attacks.
The NCCIC has published an advisory on an authentication bypass vulnerability in Emerson DeltaV. Multiple versions of this product are affected. Successful exploitation of this vulnerability could allow an attacker to shut down a service, resulting in a denial of service. Emerson recommends users to patch affected products. The NCCIC also advises on a series of mitigating measures for this vulnerability. Read the full advisory at NCCIC/ICS-CERT.
The NCCIC has published an advisory on a type confusion vulnerability in Omron CX-One CX-Protocol. Versions 2.0 and prior are affected. Successful exploitation of the vulnerability could allow an attacker to execute code under the privileges of the application. Omron has released an updated version of CX-One to address the vulnerability. The NCCIC also advises on a series of mitigating measures for this vulnerability. Read the full advisory at NCCIC/ICS-CERT.
The NCCIC has published an advisory on a type confusion vulnerability in Pilz PNOZmulti Configurator. All versions prior to 10.9 are affected. Successful exploitation of this vulnerability could allow sensitive data to be read from the system. Pilz has discontinued the PMI m107 diag HMI device and the function concerned was removed in PNOZmulti Configurator Version 10.9. Pilz has provided a list of steps (listed on the NCCIC advisory) to mitigate this vulnerability. The NCCIC also advises on a series of mitigating measures for this vulnerability.
The NCCIC has published an advisory on a cross-site scripting vulnerability in Tridium Niagara Enterprise Security, Niagara AX, and Niagara 4. Numerous products and versions are affected. Successful exploitation of this vulnerability could allow an authenticated user to inject client-side scripts into some web pages that could then be viewed by other users. Tridium recommends that affected users upgrade to the latest versions of the software. The NCCIC also advises on a series of mitigating measures for this vulnerability.
The results of a recent survey by the Pew Research Center show that people in multiple countries think it is likely that government data, public infrastructure, and elections will be targeted by future hacks. Opinion is mixed, however, on whether their nations are prepared for such events. The results revealed that in the 26 countries included in the survey, 74% believe it is likely their country’s sensitive national security information would be accessed, 69% think it is likely that public infrastructure would be damaged, and 61% believe elections would be tampered with.
Tripwire has assembled a list of what it assesses to be the top information security conferences for 2019. The Amazon Web Service “RE:INFORCE” conference (June 25-26 in Boston, MA) has separate tracks intended for security engineers as well as C-suite executives. THOTCON (May 3-4 in Chicago, IL) will address topics that include industrial control systems and the Internet of Things.
An article in BetaNews describes seven best practices for small to midsize businesses (SMBs) employing WiFi that are meant to overcome problems that have been frequently observed by security experts. The best practices include setting up separate SSIDs for staff and guests, choosing a single WiFi vendor for a given site, and turning off obvious sources of interference. For these and ther other recommended measures, the article includes detailed explanations of why and how they should be employed.
In mid-December, human rights organization, Amnesty International reported having been the victim of two phishing campaigns, likely by the same attackers. Amnesty reported the attackers bypassed two-factor authentication (2FA) methods to steal credentials to obtain and maintain access to hundreds of victim's Google and Yahoo accounts.
Deliver greater Security Information & Event Management (SIEM) with stronger layers of defense for your clients.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
