Apple has released a security update to address multiple vulnerabilities in macOS Mojave 10.14. An attacker could exploit one of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Apple's security page for macOS Mojave 10.14 and apply the necessary update. NCCIC/US-CERT.
When it comes to assessing the risk from the human element, most cybersecurity professionals don’t know where to start. Often organizations are shortsighted and look at only the immediate phishing or misdirected emails rather than what the impacts are further down the attack chain. This can lead to over-stating or under-stating the actual risk.
The use of USBs as an essential business tool is declining, but millions of these devices are still produced and distributed annually, with many given away in marketing promotion campaigns and at trade shows and destined for use in homes and businesses. USBs have been exploited by cyber threat actors, most famously by the Stuxnet worm in 2010, and remain a target for cyber threats. Kaspersky Lab data for 2017 shows that every 12 months or so, around one in four users worldwide is affected by a ‘local’ cyber incident.
Late last week, the White House announced a new national cybersecurity strategy intended to improve the defensive postures of federal and private sector networks and systems. The strategy is comprised of four overarching pillars, each of which consists of a series of actions.
The NCCIC has released an advisory on a missing authentication for critical function vulnerability in Tec4Data Smart Cooler. All versions prior to firmware 180806 are affected. Successful exploitation of this vulnerability could cause the device to shut down by exploiting missing authentication for a critical function. Tec4Data has released new firmware to address the vulnerability and has distributed the new firmware to affected devices. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities.
The NCCIC has released an advisory on an uncontrolled search path element vulnerability in Rockwell Automation RSLinx Classic. Versions 4.00.01 and prior are affected. Successful exploitation of these vulnerabilities could crash the device being accessed or allow arbitrary code execution on the device. Rockwell Automation has released a new version of the software and also reports that users can disable Port 44818 if it is not utilized during system operation. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities.
The FBI’s Internet Crime Complaint Center (IC3) has released a Public Service Announcement (PSA) noting it has has received complaints reporting cybercriminals are targeting the online payroll accounts of employees in a variety of industries. According to the PSA, cyber criminals target employees through phishing emails designed to capture an employee’s login credentials. Once the cyber criminal has obtained an employee’s credentials, the credentials are used to access the employee’s payroll account in order to change their bank account information.
The NCCIC has released an advisory on a stack-based buffer overflow vulnerability in WECON PLC Editor. For SCALANCE X300 and X408, all versions prior to 4.0.0 are affected. Version 1.3.3U is affected. Successful exploitation of this vulnerability could result in unauthorized code execution within the current process. WECON has verified the vulnerability but has not yet released an updated version. All users should limit application interaction to only trusted files and update software to the latest version as updates become available.
September 18, 2018
The NCCIC has updated this advisory with additional details on the vulnerability and mitigation measures. NCCIC/ICS-CERT.
July 19, 2018
According to a recent Crowdstrike study, two-thirds of organizations across a wide variety of sectors experienced a software supply chain attack in the past 12 months. Adversaries have turned to this attack vector because traditional cybersecurity solutions that protect the network perimeter are advancing to the point they have had to find other ways to infiltrate an enterprise.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
