Cybersecurity

Today, the United Kingdom announced it and its allies had exposed a campaign by the GRU, the Russian military intelligence service, of indiscriminate and reckless cyber attacks targeting a variety of institutions.

Then NCCIC has released Technical Alert 18-276B about Advanced Persistent Threat (APT) actors attempted to infiltrate the networks of global managed service providers (MSPs) in order to gain unauthorized access to the networks of their customers. MSPs provide remote management of customer IT and end-user systems, and the number of organizations using MSPs has grown significantly over recent years since these services allow customers to scale and support their networks at lower costs than financing these resources internally.

The NCCIC has released an advisory on a heap-based buffer overflow vulnerability in GE Communicator. GE Communicator version 3.15 and prior and Gigasoft, a third-party product, version 5 and prior are affected. Exploitation could allow attackers to execute arbitrary code or create a denial-of-service condition. GE recommends users update to Version 4.0 or the latest available release, to mitigate this vulnerability. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities.

The NCCIC has released an advisory on a stack-based buffer overflow vulnerability in Delta Electronics ISPSoft. Versions 3.0.5 and prior are affected. Successful exploitation of this vulnerability could allow an attacker to execute code under the context of the application. Delta Electronics recommends affected users update to ISPSoft v3.0.6 or newer. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.