You are here

Home » Cybersecurity

Cybersecurity

CISA and OMB Release Guidance on Vulnerability Management for Federal Government Agencies

Yesterday the U.S. Department of Homeland Security Cybersecurity Agency (CISA) and the Office of Management and Budget released three documents providing guidance for how federal government agencies should manage vulnerabilities. The CISA guidance consists of a binding operational directive (BOD) that requires each federal agency to publish a vulnerability disclosure program (VDP) as well as implementation guidance.

Malicious Domain Blocking and Reporting – Newest Service from MS-ISAC for SLTTs

What do you get when you combine the influence of the Cybersecurity and Infrastructure Security Agency (CISA) with the resources of the Multi-State Information Sharing and Analysis Center (MS-ISAC) and a global internet edge technology provider with an unprecedented view of the threat landscape? In short, MDBR – Malicious Domain Blocking and Reporting. The Center for Internet Security (CIS) has partnered through MS-ISAC and EI-ISAC with CISA and Akamai to make MDBR available at no cost to the members of the MS-ISAC and EI-ISAC.

Mitsubishi Electric Multiple Products (ICSA-20-245-01)

CISA has published an advisory on predictable exact value from previous values vulnerability in multiple products from Mitsubishi Electric. Successful exploitation of this vulnerability could be used to hijack TCP sessions and allow remote command execution. Mitsubishi Electric recommends that users take a series of mitigation measures to minimize the risk of exploiting this vulnerability. CISA recommends a series of measures to mitigate the vulnerability.

Emotet Makes You See Red

When Emotet is active there is no shortage of discoveries of additional behaviors designed to trick users and expand its infections. Last week, researchers discovered a new template that Emotet is using in its attachments. When a user clicks on an Emotet-laden attachment, they are presented with a red accent colored prompt to 'Enable Editing' and 'Enable Content' to view the document. This template has been named ‘Red Dawn’ due to the red accent colors.

Is Your OT Asset Management Flourishing or Floundering?

Knowing your assets is the foundation of a successful cybersecurity strategy. In fact, it is unrealistic to expect to adequately complete a basic cyber risk assessment without a comprehensive asset inventory. According to PAS, the OT integrity company, “without such an inventory, it is impossible to have the visibility necessary to understand and reduce risk.” OT asset inventory is not a one-size fits all program, and what qualifies as a good OT asset inventory is different for every organization.

CISA Alert: Technical Approaches to Uncovering and Remediating Malicious Activity

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has published a new alert highlighting technical approaches to uncovering malicious activity and providing mitigation steps according to best practices. The purpose of the report is to enhance incident response among partners and network administrators along with serving as a playbook for incident investigation. CISA built this report in collaboration with the cybersecurity authorities of four other nations, including Australia, Canada, New Zealand, and the United Kingdom.

Cisco Releases Security Advisory for DVMRP Vulnerability in IOS XR Software

Cisco has released a security advisory on a vulnerability—CVE-2020-3566—in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR software. This vulnerability affects Cisco devices running IOS XR software that have an active interface configured under multicast routing. A remote attacker could exploit this vulnerability to exhaust process memory of an affected device. This vulnerability was detected in exploits in the wild.

Red Lion N-Tron 702-W, 702M12-W (ICSA-20-240-01) – Products Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on reflected cross-site scripting, stored cross-site scripting, cross-site request forgery, hidden functionality, and use of unmaintained third-party components vulnerabilities in Red Lion N-Tron 702-W and 702M12-W. All versions of both products are affected. Successful exploitation of these vulnerabilities could allow an attacker to gain unauthorized access to sensitive information, execute system commands, and perform actions in the context of an attacked user. Red Lion’s 702-W Series was discontinued in 2018 and cannot be updated.

Emerson OpenEnterprise (ICSA-20-238-02) – Product Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on an inadequate encryption strength vulnerability in Emerson OpenEnterprise. All versions through 3.3.5 are affected. Successful exploitation of this vulnerability could allow an attacker access to credentials held by OpenEnterprise used for accessing field devices and external systems. Emerson recommends all users upgrade to OpenEnterprise 3.3, Service Pack 6 (3.3.6), to resolve this issue. CISA also recommends a series of measures to mitigate the vulnerability.

Pages

Subscribe to Cybersecurity