You are here

Home » Cybersecurity

Cybersecurity

ARC Informatique PcVue (ICSA-20-308-03)

CISA has published an advisory on deserialization of untrusted data, access to critical private variable via public method, and information exposure of sensitive information to an unauthorized actor vulnerabilities in ARC Informatique PcVue. PcVue Versions 8.10 to versions prior to 12.0.17 are affected. Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, expose sensitive data, and prevent legitimate users from connecting to PcVue services. ARC Informatique recommends upgrading PcVue to v12.0.17. CISA also recommen

NEXCOM NIO50 (ICSA-20-308-02)

CISA has published an advisory on improper input validation and cleartext transmission of sensitive information vulnerabilities in NEXCOM NIO50. All versions of NEXCOM NIO 50 are affected. Successful exploitation of these vulnerabilities could allow an attacker to view sensitive information and cause a denial-of-service condition due to improper input validation. NEXCOM no longer sells or maintains NIO 50 and considers it to be an end-of-life product. CISA also recommends a series of measures to mitigate the vulnerabilities.

WAGO Series 750-88x and 750-352 (ICSA-20-308-01) - Products Used in the Energy Sector

CISA has published an advisory on an uncontrolled resource consumption vulnerability in WAGO Series 750-88x and 750-352. A series of firmware versions prior to FW11 are affected. Successful exploitation of this vulnerability could allow an attacker to crash the device being accessed using a denial-of-service attack. WAGO recommends updating to the latest firmware, Version FW14. It also recommends other mitigations and workarounds to help reduce the risk. CISA also recommends a series of measures to mitigate the vulnerability.

NCI Ransomware Report: Analysis of Activity and Recommendations to Disrupt Operations

The National Council of ISACs (NCI), of which WaterISAC is a member, has published a report describing how criminal organizations conduct ransomware operations and their impact to society. The report provides a thorough background of ransomware, to include providing descriptions of how ransomware infections occur and offering key statistics. One of these statistics is an estimate from the FBI that there are 4,000 ransomware attacks every day, equating to a ransomware attack every 40 seconds.

Advisory on Iranian APT Actor Targeting Voter Registration Data

On the topic of activities that could help trigger election-related civil unrest and violence, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a joint cybersecurity advisory on an Iranian advanced persistent threat (APT) actor targeting U.S. state websites, including elections websites, to obtain voter registration data. CISA and the FBI assess this actor is responsible for the mass dissemination of voter intimidation emails to U.S. citizens and the dissemination of U.S.

November Brings Awareness to the Importance of Security and Resilience to Protect our Way of Life

We ended our ‘15CFAM’ campaign in recognition of NCSAM (National Cybersecurity Awareness Month) with a preview to November. Just in case you haven’t had your fill of acronym-soup, we have one more helping. For those of us who support the critical infrastructures that maintain our way of life, November’s recognition of Critical Infrastructure Security and Resilience (CISRM) is the most relevant.

CISA Malware Analysis Report: Zebrocy

The U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has published a TLP:WHITE Malware Analysis Report (MAR) regarding a malware variant known as Zebrocy. According to the MAR, this malware has been used by a sophisticated cyber actor. This MAR is being distributed to enable network defense and reduced exposure to malicious activity.

CISA Malware Analysis Report: ComRat

The U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has published a TLP:WHITE Malware Analysis Report (MAR) regarding a malware variant known as ComRAT. According to the MAR, this malware has been used by Turla, a Russian-sponsored Advanced Persistent Threat (APT) actor. This MAR is being distributed to enable network defense and reduced exposure to malicious activity.

15CFAM – Even though 15CFAM is over, the FUN Never Ends when Participating in Information Sharing

Perhaps we’re bias, but the adage, “cybersecurity is a shared responsibility,” seems to aptly embody information sharing more than anything else. Information sharing and collaboration takes many forms. From Information Sharing & Analysis Centers/Organizations (ISACs/ISAOs) - like WaterISAC - to regional and local collaboration groups, and even trusted one-on-one interactions, sharing threat information (across all-hazards) is imperative for the security and resilience of any organization, sector, community, region, or nation.

Pages

Subscribe to Cybersecurity