Cybersecurity

Siemens SICAM MMU, SICAM T, and SICAM SGU (ICSA-20-196-03) – Products Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on out-of-bounds read, missing authentication for critical function, missing encryption of sensitive data, use of password hash with insufficient computational effort, cross-site scripting, classic buffer overflow, basic XSS, and authentication bypass by capture-replay vulnerabilities in Siemens SICAM MMU, SICAM T, and SICAM SGU. For SICAM MMU, all versions prior to 2.05 are affected. For SICAM SGU, all versions are affected. For SICAM T, all versions prior to 2.18 are affected.

Moxa EDR-G902 and EDR-G903 Series Routers (ICSA-20-196-02) – Product Used in the Energy Sector

CISA has published an advisory on a stack-based buffer overflow vulnerability in Moxa EDR-G902 and EDR-G903 series routers. For EDR-G902 series, firmware versions 5.4 and prior are affected. For EDR-G903, firmware versions 5.4 and prior are affected. Successful exploitation of this vulnerability could crash the device being accessed; a buffer overflow condition may allow remote code execution. Moxa recommends users implement a patch to mitigate the vulnerability. CISA also recommends a series of measures to mitigate the vulnerability.

Advantech iView (ICSA-20-196-01) – Product Used in the Energy and Water and Wastewater Sectors

CISA has published an advisory on SQL injection, path traversal, command injection, improper input validation, missing authentication for critical function, and improper access control vulnerabilities in Advantech iView. iView versions 5.6 and prior are affected. Successful exploitation of these vulnerabilities could allow an attacker to read/modify information, execute arbitrary code, limit system availability, and/or crash the application. Advantech has released version 5.7 of iView to address the reported vulnerabilities.

Microsoft Releases July 2020 Security Updates

Microsoft has released its monthly update to address vulnerabilities in its software. For this month, Microsoft has released security updates for Microsoft Windows, Microsoft Edge (EdgeHTML and Chromium-based in IE Mode), ChakraCore, Internet Explorer, Microsoft Office and Microsoft Office Services and Web Apps, Windows Defender, Skype for Business, Visual Studio, Microsoft OneDrive, Open Source Software, .NET Framework, and Azure DevOps.

Siemens S7-1200 CPU (Update B) (ICSA-19-318-02) – Product Used in the Water and Wastewater and Energy Sectors

July 14, 2020

CISA has updated this advisory with additional information on affected products and mitigation measures. Read the advisory at CISA.

December 10, 2019

CISA has updated this advisory with additional details on the affected products. Read the advisory at CISA.

November 18, 2019

Complementary Resource to Creating a Cybersecurity Culture

Poll questions asked during last week’s Creating a Cybersecurity Culture webinar indicated that many members have a strong cybersecurity culture and are not complacent in executing security awareness programs that promote behavioral changes. This is highly encouraging and a positive indicator of successful outcomes. However, the poll questions did not distinguish between IT and OT culture.

Conti Ransomware – The Newest Member in the Ryuk Family Tree

Conti is a new family of ransomware believed to be based on code from Ryuk’s second version. Conti also uses the same ransom note its predecessor used in earlier attacks and reportedly leverages the same Trickbot infrastructure. Conti was recently observed by the Carbon Black Threat Analysis Unit (TAU). Most notably, Conti’s attributes appear to be better and faster than most malware families, as it allows up to 32 simultaneous encryption efforts, resulting in faster encryption of targeted files.
