Cybersecurity

Siemens IE-WSN-PA Link WirelessHART Gateway (ICSA-19-253-04) – Products Used in the Water and Wastewater and Energy Sectors

The NCCIC has published an advisory on a cross-site scripting vulnerability in Siemens IE/WSN-PA Link WirelessHART Gateway. All versions are affected. Successful exploitation of this vulnerability could allow information disclosure, code execution, or denial-of-service. Siemens has identified specific workarounds and mitigations that users can apply to reduce the risk. The NCCIC also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.

Read more about Siemens IE-WSN-PA Link WirelessHART Gateway (ICSA-19-253-04) – Products Used in the Water and Wastewater and Energy Sectors

Siemens SINETPLAN (ICSA-19-253-02) – Product Used in the Water and Wastewater and Energy Sectors

The NCCIC has published an advisory on an improper authorization vulnerability in Siemens Network Planner (SINETPLAN). Version 2.0 is affected. Successful exploitation of this vulnerability could allow information disclosure, code execution, and denial-of-service. Siemens recommends users update TIA Administrator to Version 1.0 SP1 Upd1. The NCCIC also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.

Read more about Siemens SINETPLAN (ICSA-19-253-02) – Product Used in the Water and Wastewater and Energy Sectors

Ransomware Protection Strategies

The Cybersecurity and Infrastructure Security Agency (CISA) has posted a page on ransomware protection strategies, in which it notes it has observed an increase in ransomware attacks across the nation. It adds that one of its chief priorities is to help organizations protect themselves from ransomware, and in support of this mandate it encourages its partners to review a series of resources to help prevent, mitigate, and recover from these attacks.

Read more about Ransomware Protection Strategies

Rockwell Automation Allen-Bradley PowerMonitor 1000 (Update A) (ICSA-19-050-04)

September 5, 2019

The NCCIC has updated this advisory with additional details on the mitigation measures. Read the advisory at CISA.

February 19, 2019

Read more about Rockwell Automation Allen-Bradley PowerMonitor 1000 (Update A) (ICSA-19-050-04)

Rockwell Automation Arena Simulation Software (Update A) (ICSA-19-213-05)

September 5, 2019

The NCCIC has updated this advisory with additional details on the nature of the vulnerabilities, the technical details of the affected products, and mitigation measures. Read the advisory at CISA.

August 1, 2019

Read more about Rockwell Automation Arena Simulation Software (Update A) (ICSA-19-213-05)

Red Lion Controls Crimson (ICSA-19-248-01)

The NCCIC has published an advisory on use after free, improper restriction of operations within the bounds of a memory buffer, pointer issues, and use of hard-coded cryptographic key vulnerabilities in Red Lion Controls Crimson. Versions 3.0 and prior and versions 3.1 and prior, to release 3112.00, are affected. Red Lion Controls recommends users migrate to Crimson 3.1 release 3112.00 or later where the model choice allows. The NCCIC also recommends a series of measures to mitigate the vulnerabilities.

Read more about Red Lion Controls Crimson (ICSA-19-248-01)

FBI FLASH: Increased Number of Emotet Command and Control IP Addresses Identified

The FBI has released a FLASH message on Emotet, providing new internet protocol (IP) addresses that have been associated with modular banking Trojan since it recently resumed operations after a hiatus that began in early June (for more on Emotet’s revival, read an article WaterISAC discussed in the August 27, 2019 Security and Resilience Update).

Read more about FBI FLASH: Increased Number of Emotet Command and Control IP Addresses Identified

U.S. Cyber Command Shares 11 New Malware Samples

U.S. Cyber Command has uploaded 11 malware samples to the malware aggregation tool and repository VirusTotal. Several of the samples have been attributed to the North Korean government. The upload comes as Cyber Command works to enhance its relationship with the private sector – it has only been sharing samples since last year. Read the article at CyberScoop.

Read more about U.S. Cyber Command Shares 11 New Malware Samples

CISA Malware Analysis Reports on Recent North Korean Activity: “ELECTRICFISH” and “BADCALL”

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has published three Malware Analysis Reports (MARs) on recent malicious cyber activity being performed by the North Korean government.

Read more about CISA Malware Analysis Reports on Recent North Korean Activity: “ELECTRICFISH” and “BADCALL”

UK Cyber Incident Trends Report

The UK’s National Cyber Security Centre (NCSC) has published a report detailing cyber incident trends in the country from October 2018 to April 2019, which the U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to review. It reveals that five main threats and threat vectors affected UK organizations: cloud services, and Office 365 in particular; ransomware; phishing; vulnerability scanning; and supply chain attacks.

Read more about UK Cyber Incident Trends Report

You are here

Cybersecurity

Siemens IE-WSN-PA Link WirelessHART Gateway (ICSA-19-253-04) – Products Used in the Water and Wastewater and Energy Sectors

Siemens SINETPLAN (ICSA-19-253-02) – Product Used in the Water and Wastewater and Energy Sectors

Ransomware Protection Strategies

Rockwell Automation Allen-Bradley PowerMonitor 1000 (Update A) (ICSA-19-050-04)

Rockwell Automation Arena Simulation Software (Update A) (ICSA-19-213-05)

Red Lion Controls Crimson (ICSA-19-248-01)

FBI FLASH: Increased Number of Emotet Command and Control IP Addresses Identified

U.S. Cyber Command Shares 11 New Malware Samples

CISA Malware Analysis Reports on Recent North Korean Activity: “ELECTRICFISH” and “BADCALL”

UK Cyber Incident Trends Report

Pages

You are here

Cybersecurity

Pages

Footer Email Signup