Malvertising – malicious online ads often requiring zero user interaction to infect unsuspecting website visitors. Cybersecurity firm Avast discusses how the current scourge of malvertising appears to be more dynamic, stealthy, and persistent than historically observed. Malicious ads are often invisible and embedded into well-known websites through online advertising networks.
Phishers are not a very creative lot. They do not have to be. Malicious actors have been using the same phishing tactics because the same tactics are still successful, even after all these years. After analyzing 360,000 phishing emails over three months, cybersecurity firm Barracuda Networks identified the most common subject lines used in targeting businesses. These subjects highlight how cyber criminals continue to use social engineering to coerce us through a false sense of urgency and trust to succumb to their requests.
Microsoft has released an update to address a vulnerability in Azure Linux Guest Agent. An attacker could exploit this vulnerability to obtain access to sensitive information. The NCCIC encourages users and administrators to review the Microsoft Security Advisory and apply the necessary update.
The Multi-State Information Sharing and Analysis Center (MS-ISAC) has released a security primer on the TrickBot malware. TrickBot is a modular banking Trojan that targets users’ financial information and acts as a dropper for other malware. An attacker can leverage TrickBot’s modules to steal banking information, conduct system and network reconnaissance, harvest credentials, and achieve network propagation.
The NCCIC has published an advisory on a path traversal vulnerability in PEPPERL+FUCHS WirelessHART-Gateways. All WHA-GW-* products are affected. Successful exploitation of this vulnerability could allow access to files and restricted directories stored on the device through the manipulation of file parameters. PEPPERL+FUCHS reports that affected users with WHA-GW-*-ETH devices should upgrade to firmware Version 03.00.08. Affected users with WHA-GW-*-ETH.EIP devices should upgrade to firmware Version 02.00.01.
The NCCIC has published an advisory on an uncontrolled search path element in Gemalto Sentinel UltraPro. Sentinel UltraPro Client Library ux32w.dll Versions 1.3.0, 1.3.1, and 1.3.2 are affected. Successful exploitation of this vulnerability could allow execution of unauthorized code or commands. Users who have Sentinel UltraPro Client Library ux32w.versions v1.3.0, v1.3.1 or v1.3.2 are advised to upgrade to Sentinel UtraPro v1.3.3 in order to enable this security update. The NCCIC also recommends a series of mitigating measures for this vulnerability.
The NCCIC has published an advisory on an out-of-bounds write vulnerability in LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME LAquis SCADA. SCADA 4.1.0.4150 is affected. Successful exploitation of this vulnerability could allow remote code execution. LCDS recommends users update to Version 4.3.1.71. The NCCIC also recommends a series of mitigating measures for this vulnerability. Read the advisory at NCCIC/ICS-CERT.
On Monday, Sen. Mark Warner, co-chair of the Senate Cybersecurity Caucus introduced a bill into the House and Senate that would require the U.S. government to purchase only IoT devices that meet minimum security requirements. If passed, the Internet of Things Cybersecurity Improvement Act of 2019 requires the National Institute of Standards and Technology (NIST) to develop recommendations to ensure efforts are made to standardize secure development, identity management, patching, and configuration management of IoT devices.
An organizational cybersecurity strategy is not complete without an incident response plan. In a recent post, cyber-defense firm Exabeam highlights three elements of incident response: people, processes, and technology/tools. The post discusses the people that should compose the incident response team, including cross-organizational stakeholders who develop and govern the incident response plan.
March 12, 2019
The NCCIC has updated this advisory with additional information on the technical details of the affected products and mitigation measures. This advisory was initially published on March 29, 2018 and last updated on February 5, 2019. Read the advisory at NCCIC/ICS-CERT.
May 17, 2018
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
