You are here

Home » Cybersecurity

Cybersecurity

CISA ICS Alert: Robot Motion Servers

CISA has published an alert advising it is aware of a public report of a vulnerability affecting robot motion servers. The motion servers are programs written in OEM exclusive programming languages and run on the robot controller. Motion servers enable receiving target values and optionally sending actual values. According to the public report, which was coordinated with CISA prior to its release, researchers identified this vulnerability in the motion servers that allows an adjacent attacker to execute arbitrary code.

Delta Industrial Automation CNCSoft ScreenEditor (ICSA-20-217-01)

CISA has published an advisory on stack-based buffer overflow, out-of-bounds read, and access of uninitialized pointer vulnerabilities in Delta Industrial Automation CNCSoft ScreenEditor. Versions 1.01.23 and prior are affected. Successful exploitation of these vulnerabilities could allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. Delta Electronics recommends updating to the latest version of CNCSoft ScreenEditor Version 1.01.26 and restricting the interaction of the application to trusted files.

Perch Security-WaterISAC Webinar: Collect, Detect, Respond – A SIEM Built for Threat Intelligence

On Thursday, July 30, 2020, WaterISAC joined Perch for a webinar on collecting, detecting, and responding to threat intelligence. WaterISAC Managing Director, Michael Arceneaux offered opening remarks. Perch Security’s CISO, Wes Spencer, and Director of Threat Research, Paul Scott shared thoughts on community-based threat intelligence and threat activty in the Water and Wastewater Sector. And not that we don’t love Perch Security, but the star of the show was unequivocally Barry Blanchard, IT Manager of Onondaga County Water Authority (OCWA).

National Cybersecurity Exercise for Australia’s Water and Wastewater Sector

The Australian Cyber Security Centre (ACSC) is inviting water and wastewater sectors organizations to participate in a national, two-day cybersecurity exercise in August 2021 aimed to strengthen cybersecurity resilience. The ACSC intends for the exercise to provide Australian participants with the opportunity to gain experience responding to a cyber incident scenario and evaluate areas for improvement. The ACSC has also identified the following goals for organizations and personnel to achieve from participating in the exercise:

FBI PIN: Computer Network Infrastructure Vulnerable to Windows 7 End of Life Status, Increasing Potential for Cyber Attacks

The FBI has published a (TLP:WHITE) Private Industry Notification (PIN) advising that continuing to use Windows 7 within an enterprise may provide cyber criminals access into computer systems. Microsoft ended support for the Windows 7 operating system in January 2020, and the FBI observes that cyber criminals target computer network infrastructure after an operating system achieves end of life status. It notes that as time passes Windows 7 becomes more vulnerable to exploitation due to lack of security updates and new vulnerabilities discovered.

Mitsubishi Electric Factory Automation Products Path Traversal (ICSA-20-212-03)

CISA has published an advisory on a path traversal vulnerability in Mitsubishi Electric Factory Automation Products. Multiple products and versions of the products are affected. Successful exploitation of this vulnerability may allow an attacker to obtain unauthorized information, tamper the information, and cause a denial-of-service condition. Mitsubishi Electric recommends users update products for which newer versions are available.

Mitsubishi Electric Multiple Factory Automation Engineering Software Products (ICSA-20-212-02)

CISA has published an advisory on a permission issues vulnerability in Mitsubishi Electric Multiple Factory Automation Engineering Software Products. Multiple products and versions of the products are affected. Successful exploitation of this vulnerability may enable the reading of arbitrary files, cause a denial-of-service condition, and allow execution of a malicious binary. Multiple Electric recommends a series of steps to address the vulnerability. CISA also recommends a series of measures to mitigate the vulnerability.

Inductive Automation Ignition 8 (ICSA-20-212-01) – Product Used in the Energy Sector

CISA has published an advisory on a missing authentication vulnerability in Inductive Automation Ignition 8. All versions of this product prior to 8.0.13 are affected. Successful exploitation of this vulnerability could allow an attacker to gain access to sensitive information. Inductive Automation recommends users upgrade the Ignition software to v8.0.13. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.

Taidoor Malware Used by Chinese Government Actors

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the Department of Defense have published a malware analysis report (MAR) about a malware variant used by Chinese government cyber actors, which is known as TAIDOOR. The FBI has high confidence that Chinese government actors are using malware variants in conjunction with proxy servers to maintain a presence on victim networks and to further network exploitation.

Pages

Subscribe to Cybersecurity