Cybersecurity

Whether consistently performed and maintained or not, there is little argument on the importance of being proactive with the NIST Cybersecurity Framework’s first 2 core principles of identification and protection. The OT integrity company PAS Global makes an interesting observation that the importance of proactive detection, response, and recovery are not as well-discussed or practiced in OT environments. PAS explains this assertion by highlighting a recent case that illustrates some failures and opportunities associated with being reactive vs.

CISA has published an advisory on a cross-site scripting vulnerability in GE Reason S20 Ethernet Switches. All firmware versions prior to 07A06 are affected. Successful exploitation of these vulnerabilities could allow unauthorized accounts manipulation and allow for remote code execution. GE recommends that S20 users upgrade to firmware Version 07A06 or higher to fix this vulnerability. CISA recommends a series of measures to mitigate the vulnerability.

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has published a new alert about the LokiBot malware, which it notes it has observed a notable increase in the use of by malicious cyber actors since July 2020. According to the alert, LokiBot uses a credential- and information-stealing malware, often sent as a malicious attachment and known for being simple, yet effective, making it an attractive tool for a broad range of cyber actors across a wide variety of data compromise use cases.

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has released Emergency Directive (ED) 20-04 addressing a critical vulnerability – CVE-2020-1472 – affecting Microsoft Windows Netlogon Remote Protocol. ED 20-04 applies to federal government departments and agencies, requiring that they apply updates and report completion to CISA by Wednesday, September 23.