You are here

Home » Cybersecurity

Cybersecurity

Entes EMG 12 (ICSA-18-275-03) – Product Used in the Energy Sector

The NCCIC has released an advisory on improper authentication and information exposure through query strings in GET request vulnerabilities in Entes EMG 12. EMG Ethernet Modbus Gateway Firmware versions 2.57 and prior are affected. Successful exploitation of these vulnerabilities may allow attackers to gain unauthorized access and could allow the ability to change device configuration and settings. Entes recommends that users update to the latest available firmware version.

Delta Electronics ISPSoft (ICSA-18-275-01)

The NCCIC has released an advisory on a stack-based buffer overflow vulnerability in Delta Electronics ISPSoft. Versions 3.0.5 and prior are affected. Successful exploitation of this vulnerability could allow an attacker to execute code under the context of the application. Delta Electronics recommends affected users update to ISPSoft v3.0.6 or newer. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.

DNSSEC Key Signing Key Rollover

On October 11, 2018, the Internet Corporation for Assigned Names and Numbers (ICANN) will be changing the Root Zone Key Signing Key (KSK) used in the Domain Name System (DNS) Security Extensions (DNSSEC) protocol. DNSSEC is a set of protocol extensions used to digitally sign DNS information, an important part of preventing domain name hijacking. Updating DNSSEC KSK is a crucial security step in ensuring DNSSEC-validating DNS resolvers continue to function after the rollover. While DNSSEC validation is mandatory for federal agencies, it is not required of the private sector.

Security Tip: Protecting against Malicious Code

The NCCIC has just published a new Security Tip regarding how to protect against malicious code, unwanted files or programs that can cause harm to a computer or compromise data stored on a computer. This reference provides background into malicious code, discusses actions for protecting against it, explains the role of antivirus software, and addresses how a victim can recover from an incident of malicious code. NCCIC/US-CERT.

Cyber Actors Increasingly Exploit the Remote Desktop Protocol to Conduct Malicious Activity

The FBI’s Internet Crime Complaint Center (IC3) has released an alert on cyber threat actors maliciously using legitimate remote administration tools, such as Remote Desktop Protocol (RDP). RDP as an attack vector has been on the rise since mid-late 2016 with the rise of dark markets selling RDP Access. Malicious cyber actors have developed methods of identifying and exploiting vulnerable RDP sessions over the Internet to compromise identities, steal login credentials, and ransom other sensitive information.

National Cybersecurity Awareness Month 2018, Week 1 Theme: Cybersecurity at Home

The theme for the first week of National Cybersecurity Awareness Month is Cybersecurity at Home. For this, the National Cyber Security Alliance (NCSA) has published general tips to help you increase your cybersecurity awareness - including whom to contact if you are the victim of cyber crime - and protect your online activities.

Delta Electronics Delta Industrial Automation PMSoft (ICSA-18-270-04)

The NCCIC has released an advisory on an out-of-bounds read vulnerability in Delta Electronics Delta Industrial Automation PMSoft. Versions 2.11 and prior are affected. Successful exploitation of this vulnerability could allow an attacker to read confidential information. Delta Electronics recommends affected users update to at least PMSoft v2.12. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.

Emerson AMS Device Manager (ICSA-18-270-01) – Product Used in the Energy Sector

The NCCIC has released an advisory on improper access control and improper privilege management vulnerabilities in Emerson AMS Device Manager. Versions 12.0 to 13.5 are affected. Successful exploitation of these vulnerabilities could allow arbitrary remote code execution and malware injection. Emerson recommends users patch the affected products. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.
 

Pages

Subscribe to Cybersecurity