You are here

Home » Cybersecurity

Cybersecurity

Vulnerability Management – Considerations in OT/ICS Vulnerability Assessments

Identifying and remediating vulnerabilities are paramount to a successful cybersecurity strategy. While vulnerability disclosures, CVEs, and CVSS scores are a good place to start when addressing security gaps, neither offers a complete picture or effective assessment for OT/ICS environments. After ten years of vulnerability assessments, industrial cybersecurity firm Verve has observed several common gaps and offers their top five considerations every OT/ICS environment can benefit from understanding.

National Insider Threat Awareness Month – More Resources to Tackle Insider Threats

Continuing in the spirit of National Insider Threat Awareness Month (NITAM), the InfraGardNCR chapter has publicly posted an excellent Vantage Point blog outlining a basic framework for building, reviewing, and strengthening insider threat programs. In the post, Jim Stone highlights nine fundamental steps for any size and type of organization to follow.

CISA Alert: Chinese Government-affiliated Malicious Cyber Activity

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has published a new alert about cyber threat actors affiliated with the Chinese government – specifically the Ministry of State Security – targeting U.S. government agencies. CISA developed the alert with contributions from the FBI. The alert states that the threat actors are using open-source information to plan and conduct cyber operations and employing readily available exploits and exploit toolkits to quickly engage target networks.

HMS Networks Ewon Flexy and Cosy (ICSA-20-254-03) – Products Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on a permissive cross-domain policy with untrusted domains vulnerability in HMS Networks Ewon Flexy and Cosy. All versions prior to 14.1 are affected. Successful exploitation of this vulnerability could allow attackers to retrieve limited confidential information. HMS Networks recommends a series of mitigations for the vulnerability. CISA recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.

FATEK Automation PLC WinProladder (ICSA-20-254-02)

CISA has published an advisory on a stack-based buffer overflow vulnerability in FATEK Automation PLC WinProladder. Versions 3.28 and prior are affected. Successful exploitation of this vulnerability could crash the device being accessed; a buffer overflow condition may cause a denial-of-service event and remote code execution. FATEK has not responded to requests to work with CISA to mitigate this vulnerability. Users of these affected products who would like to see more responsible security are invited to contact Fatek customer support.

AVEVA Enterprise Data Management Web (ICSA-20-254-01)

CISA has published an advisory on an SQL injection vulnerability in AVEVA Enterprise Data Management Web. Enterprise Data Management Web v2019 and prior are affected. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected device. AVEVA reports that affected users are recommended to upgrade to AVEVA Enterprise Data Management Web v2019 SP1 as soon as possible. If an upgrade to v2019 SP1 is not possible, users can contact AVEVA Global Customer Support, and a hot-fix can be made available for eDNA Web v2018 SP2.

2020 State of the Homeland Address

Yesterday U.S. Department of Homeland Security (DHS) Secretary Chad Wolf delivered the 2020 State of the Homeland Address. In his address Secretary Wolf reflected on how DHS has evolved since it was founded more than 17 years ago. Speaking of this evolution, he discussed some of today’s potential threat vectors that didn’t exist at the time of the Department’s inception, which include smart phones and cryptocurrency.

Pages

Subscribe to Cybersecurity