Welcome back to our next installment of ‘15 Cybersecurity Fundamentals Awareness Month’ (15CFAM), as WaterISAC continues its complement to National Cybersecurity Awareness Month (NCSAM). We hope you were challenged a little by our last 15CFAM on Consequence-driven Cyber-informed Engineering (CCE), but as promised we are back to a more broadly practical fundamental on vulnerability management.
In recognition of National Cybersecurity Awareness Month, the FBI’s Portland, Oregon field office is offering some important reminders on how to stay safe online. For this week’s publication, it focuses on building a digital defense against some of the most common forms of cyber scams. It discusses two of the most common schemes, those involving ransomware and business email compromise (BEC). It also describes two of the typical vectors for these attacks, specifically spoofing and phishing.
CISA has published an advisory on an SQL injection vulnerability in Advantech R-SeeNet. Versions 1.5.1 through 2.4.10 are affected. Successful exploitation of this vulnerability could allow remote attackers to retrieve sensitive information from the R-SeeNet database. Advantech recommends updating to Version 2.4.11 or later. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.
CISA has published an advisory on an external control of file name or path vulnerability in Advantech WebAccess/SCADA. Versions 9.0 and prior are affected. Successful exploitation of this vulnerability could allow an attacker to execute remote code as an administrator. Advantech recommends users update to Version 9.0.1 or later. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.
October 15, 2020
CISA has updated this advisory with additional information on mitigation measures. Read the advisory at CISA.
October 1, 2020
CISA has updated this advisory with additional information on mitigation measures. Read the advisory at CISA.
September 17, 2020
On Monday, a coalition of tech companies orchestrated a takedown attempt of TrickBot, currently one of the most successful malware-as-a-service operations. TrickBot survived the operation, with the command and control servers and domains that had been seized replaced the next day by new infrastructure. However, the operation appears to have had some effect on TrickBot, even if it was just temporal and limited. "Our estimate right now is what the takedown did was to give current victims a breather," a security researcher said.
Microsoft has released a security update to address a protocol vulnerability—CVE-2020-16898—in Windows Transmission Control Protocol (TCP)/IP stack handling of Internet Control Message Protocol version 6 (ICMPv6) Router Advertisement packets. A remote attacker could exploit this vulnerability to take control of an affected system or cause a denial-of-service condition.
SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. This includes an OS command injection vulnerability (CVE-2020-6364) affecting SAP Solution Manager and SAP Focused Run. CISA encourages users and administrators to review the SAP Security Notes for October 2020 and apply the necessary updates.
Microsoft has released its monthly update to address vulnerabilities in its software. For this month, Microsoft has released security updates for Microsoft Windows, Microsoft Office and Microsoft Office Services and Web Apps, Microsoft JET Database Engine, Azure Functions, Open Source Software, Microsoft Exchange Server, Visual Studio, PowerShellGet, Microsoft .NET Framework, Microsoft Dynamics, Adobe Flash Player, Microsoft Windows Codecs Library.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
