You are here

Home » Cybersecurity

Cybersecurity

Justice Department Issues Indictment of Iranian Men for SamSam Ransomware, Discusses Tactics Used in Campaign

The U.S. Department of Justice reports two Iranian men have been indicted on charges of having executed the 34-month-long international computer hacking and extortion scheme involving the “SamSam” ransomware. The six-count indictment alleges that the two men, acting from inside Iran, created the first version of the SamSam in December 2015, and developed refined versions in June and October 2017.

Securing Devices during Holiday Travel

As the holiday season begins, many people will travel with their mobile devices. Although these devices - such as smart phones, tablets, and laptops - offer a range of conveniences, users should be mindful of potential threats and vulnerabilities while traveling with them. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users to review tips on Holiday Traveling with Personal Internet-Enabled Devices and Cybersecurity for Electronic Devices.

Schneider Electric Modicon M221 (ICSA-18-324-02)

The NCCIC has released an advisory on an insufficient verification of data authenticity vulnerability in Schneider Electric Modicon M221. All versions of this product are affected. Successful exploitation of this vulnerability could cause a change of IPv4 configuration (IP address, mask, and gateway) when remotely connected to the device. Schneider Electric recommends a series of mitigations to reduce the risk. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities.

Teledyne DALSA Sherlock (ICSA-18-324-01)

The NCCIC has released an advisory on an stack-based buffer overflow vulnerability in Teledyne DALSA Sherlock. Version 7.2.7.4 and prior are affected. Successful exploitation of this vulnerability could crash the device being accessed; a buffer overflow condition may allow remote code execution. Teledyne DALSA recommends users upgrade to Sherlock Version 7.2.7.5 or later. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities.

Forty-eight Percent of Electric Utility CEOs Think Cybersecurity Attack is Inevitable

According to a survey performed by KPMG, 48% of electric utility CEOs think a cyber attack against their organization is more a matter of “when” and not “if.” The survey also found that cybersecurity was among the top concerns for these CEOs, triggered in part by concerns from past incidents and intrusion attempts involving the electricity sector, some of which are highlighted. The survey also found that 58% of CEOs felt prepared to identify a cybersecurity threat and 59% identified cybersecurity specialists as the most important new role in their company.

Holiday Scams and Malware Campaigns

The NCCIC has published an advisory reminding partners to be aware of seasonal scams and malware campaigns. It advises partners to be cautious of unsolicited emails that contain malicious links or attachments with malware, advertisements infected with malware, and requests for donations from fraudulent charitable organizations, which could result in security breaches, identify theft, or financial loss. The advisory includes a series of recommended protective actions as well as response measures for victims.

Pages

Subscribe to Cybersecurity