Cybersecurity

Mitsubishi Electric Multiple Products (ICSA-20-245-01)

CISA has published an advisory on a predictable exact value from previous values vulnerability in multiple products from Mitsubishi Electric. Successful exploitation of this vulnerability could be used to hijack TCP sessions and allow remote command execution. Mitsubishi Electric recommends that users take a series of mitigation measures to minimize the risk of exploitation of this vulnerability. CISA recommends a series of measures to mitigate the vulnerability.

Emotet Makes You See Red

When Emotet is active there is no shortage of discoveries of additional behaviors designed to trick users and expand its infections. Last week, researchers discovered a new template that Emotet is using in its attachments. When a user clicks on an Emotet-laden attachment, they are presented with a red accent colored prompt to 'Enable Editing' and 'Enable Content' to view the document. This template has been named ‘Red Dawn’ due to the red accent colors.

Is Your OT Asset Management Flourishing or Floundering?

Knowing your assets is the foundation of a successful cybersecurity strategy. In fact, it is unrealistic to expect to adequately complete a basic cyber risk assessment without a comprehensive asset inventory. According to PAS, the OT integrity company, “without such an inventory, it is impossible to have the visibility necessary to understand and reduce risk.” OT asset inventory is not a one-size-fits-all program, and what qualifies as a good OT asset inventory is different for every organization.

CISA Alert: Technical Approaches to Uncovering and Remediating Malicious Activity

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has published a new alert highlighting technical approaches to uncovering malicious activity and providing mitigation steps according to best practices. The purpose of the report is to enhance incident response among partners and network administrators along with serving as a playbook for incident investigation. CISA built this report in collaboration with the cybersecurity authorities of four other nations, including Australia, Canada, New Zealand, and the United Kingdom.

Cisco Releases Security Advisory for DVMRP Vulnerability in IOS XR Software

Cisco has released a security advisory on a vulnerability—CVE-2020-3566—in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR software. This vulnerability affects Cisco devices running IOS XR software that have an active interface configured under multicast routing. A remote attacker could exploit this vulnerability to exhaust process memory of an affected device. Exploitation of this vulnerability has been detected in the wild.

Red Lion N-Tron 702-W, 702M12-W (ICSA-20-240-01) – Products Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on reflected cross-site scripting, stored cross-site scripting, cross-site request forgery, hidden functionality, and use of unmaintained third-party components vulnerabilities in Red Lion N-Tron 702-W and 702M12-W. All versions of both products are affected. Successful exploitation of these vulnerabilities could allow an attacker to gain unauthorized access to sensitive information, execute system commands, and perform actions in the context of an attacked user. Red Lion’s 702-W Series was discontinued in 2018 and cannot be updated.

Emerson OpenEnterprise (ICSA-20-238-02) – Product Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on an inadequate encryption strength vulnerability in Emerson OpenEnterprise. All versions through 3.3.5 are affected. Successful exploitation of this vulnerability could allow an attacker access to credentials held by OpenEnterprise used for accessing field devices and external systems. Emerson recommends all users upgrade to OpenEnterprise 3.3, Service Pack 6 (3.3.6), to resolve this issue. CISA also recommends a series of measures to mitigate the vulnerability.

Advantech iView (ICSA-20-238-01) – Product Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on a path traversal vulnerability in Advantech iView. iView Versions 5.7 and prior are affected. Successful exploitation of this vulnerability could allow an attacker to read/modify information, execute arbitrary code, limit system availability, and/or crash the application. Advantech has released Version 5.7.02 of iView to address the reported vulnerability. CISA also recommends a series of measures to mitigate the vulnerability.

Avaddon Ransomware May Impact Water Infrastructure Contractor

The Avaddon ransomware operators claimed to have breached and leaked stolen data from a concrete formwork construction company involved in water infrastructure projects, including water treatment plants and reservoirs. Through information provided by a trusted third party, WaterISAC is aware that Avaddon is claiming on its dark web site to have leaked 25% of the data reportedly stolen from EFCO (www[.]efcoforms[.]com). Avaddon is a relatively new ransomware-as-a-service (RaaS) malware and has recently jumped on the data breach bandwagon.
