You are here

Home » Cybersecurity

Cybersecurity

"Operation Manic Menagerie" Uncovers "Extensive Compromise" of Australian Web Hosting Providers

The Australian Cyber Security Centre (ACSC) has just released a report of its technical findings and mitigation advice related to the extensive compromise of at least eight Australian web hosting providers, which it discovered through “Operation Manic Menagerie.” The compromises of these providers may have facilitated compromises of their customers’ websites. The goal of this campaign was financial gain: websites running on compromised servers were modified to insert advertising and to support search engine optimization for other websites.

New Free Self-Assessment for CIS Controls

The Center for Internet Security (CIS), which operates the Multi-State Information Sharing and Analysis Center (MS-ISAC), has launched a free assessment tool to enable security practitioners to track and prioritize their implementation of the CIS Controls. Results from the CIS Controls Self-Assessment Tool (CIS CSAT) can be exported per department or organizational unit, or enterprises can take a more holistic view of the entire organization’s security. With cross-mappings to additional security frameworks, users can also track alignment between other best practices and the CIS Controls.

AVEVA Wonderware System Platform (ICSA-19-029-03) – Products Used in the Water and Wastewater and Energy Sectors

The NCCIC has published an advisory on an insufficiently protected credentials vulnerability in AVEVA Wonderware System Platform. Update 2 and prior are affected. This vulnerability could allow unauthorized access to the credentials for the ArchestrA Network User Account. AVEVA recommends users using Wonderware System Platform 2017 Update 2 and prior should upgrade to System Platform 2017 Update 3 as soon as possible. The NCCIC also advises on a series of mitigating measures for this vulnerability.

Yokogawa License Manager Service (ICSA-19-029-01) – Products Used in the Energy Sector

The NCCIC has published an advisory on an unrestricted upload of files with dangerous type vulnerability in Yokogawa License Manager Service. Numerous products and versions of these products are affected. Successful exploitation of this vulnerability could allow an attacker to remotely upload files, allowing execution of arbitrary code. Yokogawa recommends users of affected devices and versions update to the latest available release. The NCCIC also advises on a series of mitigating measures for this vulnerability.

Mitsubishi Electric MELSEC-Q Series PLCs (ICSA-19-029-02)

The NCCIC has published an advisory on resource exhaustion vulnerability in Mitsubishi Electric MELSEC-Q Series PLCs. Numerous products and versions of these products are affected. Successful exploitation of this vulnerability could allow a remote attacker to send specially crafted packets to the device, causing Ethernet communication to stop. Mitsubishi Electric has produced a new version of the firmware. The NCCIC also advises on a series of mitigating measures for this vulnerability.

Tax Identity Theft Awareness Week

Tax Identity Theft Awareness Week is January 28 to February 1. This annual campaign aims to help consumers be more informed about protecting themselves from tax-related identity theft and scams. Tax-related identity theft occurs when someone steals a Social Security number and uses it to claim a tax refund or get a job. The NCCIC encourages consumers to review the Internal Revenue Service (IRS) publication Taxes. Security.

Security Practitioner’s Guide to Email Spoofing and Risk Reduction

An article from Digital Shadows explains email spoofing in detail and provides a practical guide for how an organization can fight this tactic and reduce the risk of successful phishing attempts. The article discusses the traditional approach of bolting on security plugins to the Simple Mail Transfer Protocol (SMTP), while advocating for more advanced measures like implementing the Sender Policy Framework (SPF), Domain Message Authentication Reporting and Conformance (DMARC), and DomainKeys Identified Mail (DKIM).

The Critical Role of Cybersecurity in Keeping Public Works Infrastructure Operational

Mark Ray, the director of Public Works for Crystal, Minnesota and chairman of the Emergency Management Committee at the American Public Works Association, has written an article describing the importance of maintaining cybersecurity for the systems and devices that are used to support the operations of public works. Besides malicious actors, he notes that threats to equipment may emerge from natural disasters and other unplanned events, necessitating planning for these situations as well. This planning entails considering the physical security of equipment as well.

Pages

Subscribe to Cybersecurity