
Cybersecurity

How the Federal Government’s Partial Shutdown Affects the Department of Homeland Security

The partial government shutdown that began on Saturday has resulted in furloughs for nearly 33,000 federal employees from the U.S. Department of Homeland Security (DHS), about 13 percent of the organization’s approximately 245,000-person workforce. DHS’s law enforcement and emergency management functions are largely unaffected by the shutdown, with most employees exempt from furloughs at components like Customs and Border Protection, the Coast Guard, the Transportation Security Administration, and the Federal Emergency Management Agency, among others.

Rockwell Automation FactoryTalk Services Platform (ICSA-18-331-02) – Product Used in the Water and Wastewater Sector

The NCCIC has published an advisory on an improper input validation vulnerability in Rockwell Automation FactoryTalk Services Platform. Versions 2.90 and earlier are affected. Successful exploitation of this vulnerability could allow a remote attacker to diminish communications or cause a complete denial of service to the device. Rockwell Automation recommends that affected users update to the latest version of the application. The NCCIC also advises on a series of mitigating measures for these vulnerabilities.

Horner Automation Cscape (ICSA-18-354-01)

The NCCIC has published an advisory on an improper input validation vulnerability in Horner Automation Cscape. Versions 9.80.75.3 SP3 and prior are affected. Successful exploitation of this vulnerability could crash the device being accessed, allow the attacker to read confidential information, and may allow an attacker to remotely execute arbitrary code. Horner Automation recommends affected users update to the latest version of Cscape (Version 9.80 SP4). The NCCIC also advises on a series of mitigating measures for these vulnerabilities.

U.S. Government Announces Discovery of Chinese Malicious Cyber Activity against Managed Service and Cloud Service Providers

Earlier today, officials from the U.S. Department of Justice, including Deputy Attorney General Rod Rosenstein and FBI Director Christopher Wray, announced criminal indictments against computer hackers associated with the Chinese government. This case is significant because the hackers are accused of compromising Managed Service Providers (MSPs), which include Cloud Service Providers.

ABB M2M ETHERNET (ICSA-18-352-07)

The NCCIC has published an advisory on an improper authentication vulnerability in ABB M2M ETHERNET. For FW, versions 2.22 and prior are affected. For ETH-FW, versions 1.01 and prior are affected. Successful exploitation of this vulnerability could allow an attacker to upload a malicious language file. ABB recommends installing the device in accordance with the latest instructions from the updated technical manual. NCCIC/ICS-CERT.

ABB CMS-770 (ICSA-18-352-06)

The NCCIC has published an advisory on an improper authentication vulnerability in ABB CMS-770. All versions prior to 1.7.1 are affected. Successful exploitation of this vulnerability may allow an attacker to read sensitive configuration files that may lead to code execution on the device. ABB recommends installing the device in accordance with the latest instructions from the updated technical manual. The NCCIC also advises on a series of mitigating measures for these vulnerabilities.

Siemens TIM 1531 IRC Modules (ICSA-18-352-05) – Products Used in the Water and Wastewater and Energy Sectors

The NCCIC has published an advisory on a missing authentication for critical function vulnerability in Siemens TIM 1531 IRC Modules. All versions prior to 2.0 are affected. Successful exploitation of this vulnerability could allow an attacker to perform arbitrary administrative operations. Siemens recommends upgrading to firmware v2.0. The NCCIC also advises on a series of mitigating measures for these vulnerabilities. NCCIC/ICS-CERT.

3S-Smart Software Solutions GmbH CODESYS V3 Products (ICSA-18-352-04)

The NCCIC has published an advisory on use of insufficiently random values and improper restriction of communication channel to intended endpoints vulnerabilities in 3S-Smart Software Solutions GmbH CODESYS V3 products. Numerous products and versions of these products are affected. Successful exploitation of these vulnerabilities could allow a remote attacker to disguise the source of malicious communication packets and also exploit a random values weakness affecting confidentiality and integrity of data stored on the device.
