On Friday, August 16, the Texas Department of Information Resources (DIR) reports 23 local governments in the state were infected with ransomware in what it described as a coordinated attack. "It appears all entities that were actually or potentially impacted have been identified and notified," DIR said.
Microsoft has released a security update to address an elevation of privilege vulnerability (CVE-2019-1162) in Windows. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Microsoft Security Advisory and apply the necessary update.
Back in the day, data found in malware was much more generic, or at least much less specific. Today, with phishing-based scams, BEC, and CEO-fraud leading the pack of cyber attack techniques, the malware samples being uploaded to free malware scanning services reveal far more specific company data than they used to. The Register posted a reminder about the dangers of uploading malware to public online sandbox services. Malware samples certainly provide valuable data for cyber analysts, but malicious actors also view the data.
The NCCIC has published an advisory on a stack-based buffer overflow vulnerability in Fuji Electric Alpha5 Smart Loader. All versions prior to 4.2 are affected. Successful exploitation of this vulnerability could allow an attacker to execute code under the privileges of the application. Fuji Electric has released version 4.2 of the Alpha Loader software. The NCCIC also recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.
The NCCIC has published an advisory on reusing a nonce, key pair in encryption and on the use of hard-coded cryptographic key vulnerabilities in Johnson Controls Metasys. Versions prior to 9.0 are affected. Successful exploitation of these vulnerabilities could be leveraged by an attacker to decrypt captured network traffic. Johnson Controls recommends users upgrade to version 9.0 or later and configure sites with trusted certificates. The NCCIC also recommends a series of measures to mitigate the vulnerabilities.
Microsoft has released security updates to address two remote code execution vulnerabilities, CVE-2019-1181 and CVE-2019-1182, in its operating systems. An attacker could exploit these vulnerabilities to take control of an affected system. Similar to CVE-2019-0708 - dubbed BlueKeep - these vulnerabilities are considered “wormable” because malware exploiting these vulnerabilities on a system could propagate to other vulnerable systems.
The CERT Coordination Center (CERT/CC) has released information on vulnerabilities affecting HTTP/2 implementations. An attacker could exploit these vulnerabilities to cause a denial-of-service (DoS) condition. Attacks can consume excessive system resources and lead to distributed DoS (DDoS) attacks. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review CERT/CC’s Vulnerability Note VU#605641 for more information and refer to vendors for updates.
In its 2018 Application Security Statistics Report, WhiteHat Security advocates for organizations to scan their applications for vulnerabilities while they are in production to reduce risks, costs, and complexity in the long run.
August 13, 2019
The NCCIC has updated this advisory with additional information on the affected products. Read the advisory at CISA.
July 9, 2019
The NCCIC has published an advisory on out-of-bounds read and use after free vulnerabilities in Delta Industrial Automation DOPSoft. DOPSoft Version 4.00.06.15 and prior are affected. Successful exploitation of these vulnerabilities may allow information disclosure, remote code execution, or crash of the application. Delta recommends users update to the latest version of DOPSoft, version 4.00.06.47, and restrict interaction with the application to trusted files. The NCCIC also recommends a series of measures to mitigate the vulnerabilities.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
