Cybersecurity

U.S. Experienced 14 Billion-Dollar Weather Disasters in 2018, According to NOAA

As part of its ongoing effort to track billion-dollar weather disasters, the National Oceanic and Atmospheric Administration (NOAA) reports there were 14 such events in the U.S. in 2018. Cumulatively, these events cost around $91 billion in damages. Both the number of events and their combined cost mean 2018 ranks fourth highest since records began in 1980. Topping the list of disasters were Hurricane Michael, which caused $25 billion in damages, followed by the western U.S. wildfires and Hurricane Florence, which each caused $24 billion in damages.

Phishing Has Become the Root of Most Cyber Evil

Companies spend a huge amount of time and billions of dollars on security technology to keep threat actors out, and yet employees can negate all of these efforts by clicking on phishing links. According to one cybersecurity company, phishing was the root cause of 48 percent of the breaches it investigated. Many penetration testers have also confirmed the number one way to breach a company is by stealing a user’s credentials via phishing.

Canada is an “Attractive Target” for New Cyber Attack Techniques, Security Expert Testifies

Canada is an attractive target for malicious cyber operations and is often one of the first countries criminals and hostile nations target with new methods, cybersecurity expert and former CIA analyst Christopher Porter told Canada’s House of Commons committee Wednesday. Porter is the chief intelligence strategist at FireEye and was an analyst at the CIA for nine years, where he was tasked with briefing President Barack Obama’s National Security Council on cybersecurity.

Electric Company Suffers Security Breach due to Downloaded Game

A corporate computer infected with the Azorult information-stealing Trojan at a South African energy supplier led to the exposure of the company’s network credentials, customer information, redacted customer credit card information, and sensitive business information. According to a screenshot created by Azorult when it was installed, the infection was masquerading as a downloader for The Sims 4 game. Downloading software has always been a common source of computer infections, but over the last few months it has become increasingly problematic.

Report Urges Government and Private Firms Collaborate to Prevent Being Caught “Flat-Footed” during a Major Cyber Attack

A new report issued by the Foundation for Defense of Democracies (FDD) urges private companies and the U.S. government to work more closely together to help mitigate the impacts of a major cyber attack. The report is based on findings from a tabletop exercise the FDD hosted in October that featured a scenario in which several critical functions, including the U.S. power grid, were attacked at once.

Microsoft Releases Security Advisory for Exchange Server

Microsoft has released an advisory to address an elevation of privilege vulnerability in Microsoft Exchange Server. An attacker could exploit this vulnerability to take control of an affected system. The NCCIC encourages users and administrators to review the Microsoft Security Advisory and the CERT Coordination Center's Vulnerability Note VU#465632 and consider the workarounds until an update is available.

Marvell Avastar Wi-Fi Vulnerability

The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting Marvell Avastar wireless system on chip (SoC) models. An attacker could exploit this vulnerability to take control of an affected system. The NCCIC encourages users and administrators to review CERT/CC’s Vulnerability Note VU#730261 for more information and refer to vendors for appropriate updates, when available.

Rockwell Automation EtherNet/IP Web Server Modules (ICSA-19-036-02)

The NCCIC has published an advisory on an improper input validation vulnerability in Rockwell Automation EtherNet/IP Web Server Modules. For 1756-EWEB (includes 1756-EWEBK), versions 5.001 and prior are affected. For CompactLogix 1768-EWEB, versions 2.005 and prior are affected. Successful exploitation of this vulnerability could allow a remote attacker to deny communication with the Simple Network Management Protocol (SNMP) service. Rockwell Automation recommends that affected users disable the SNMP service if not in use.

Siemens SIMATIC S7-1500 CPU (ICSA-19-036-04) – Products Used in the Water and Wastewater and Energy Sectors

The NCCIC has published an advisory on an improper input validation vulnerability in Siemens SIMATIC S7-1500 CPU. For SIMATIC S7-1500, versions 1.8.5 and prior are affected. For SIMATIC S7-1500, versions prior to 2.5, down to and including 2.0, are affected. Successful exploitation of these vulnerabilities could allow a denial of service condition of the device. Siemens recommends users upgrade to Version 2.5 or newer. Users who cannot upgrade because of hardware restrictions are recommended to apply the manual mitigations.

WECON LeviStudioU (ICSA-19-036-03) – Products Used in the Water and Wastewater and Energy Sectors

The NCCIC has published an advisory on stack-based buffer overflow, heap-based buffer overflow, and memory corruption vulnerabilities in WECON LeviStudioU. Versions 1.8.56 and prior are affected. Successful exploitation of these vulnerabilities could allow attackers to execute arbitrary code. WECON has produced an updated version to fix the reported problems. The NCCIC also advises on a series of mitigating measures for this vulnerability. Read the advisory at NCCIC/ICS-CERT.
