Cybersecurity

Siemens SIMOTICS, Desigo, APOGEE, and TALON (ICSA-20-105-06) – Products Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on a business logic errors vulnerability in Siemens SIMOTICS, Desigo, APOGEE, and TALON. Numerous products and versions of these products are affected. Successful exploitation of this vulnerability could allow an attacker to affect the availability and integrity of the device. Siemens recommends mitigations and workarounds for the affected products. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.

Siemens Climatix (ICSA-20-105-04)

CISA has published an advisory on cross-site scripting and basic XSS vulnerabilities in Siemens Climatix. All versions of Climatix POL908 (BACnet/IP module) and Climatix POL909 (AWM module) are affected. Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code to access confidential information without authentication. Siemens has identified specific workarounds and mitigations users can apply to reduce the risk. CISA also recommends a series of measures to mitigate the vulnerabilities.

Triangle MicroWorks SCADA Data Gateway (ICSA-20-105-03) – Product Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on stack-based buffer overflow, out-of-bounds read, and type confusion vulnerabilities in Triangle MicroWorks SCADA Data Gateway. Versions 2.41.0213 through 4.0.122 are affected. These vulnerabilities allow remote attackers to execute arbitrary code and disclose information on affected installations of Triangle MicroWorks SCADA Data Gateway with DNP3 Outstation channels. Authentication is not required to exploit these vulnerabilities. Triangle MicroWorks recommends users update to Version 4.0.123.

Triangle MicroWorks DNP3 Outstation Libraries (ICSA-20-105-02) – Product Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on a stack-based buffer overflow vulnerability in Triangle MicroWorks DNP3 Outstation Libraries. Versions 3.16.00 through 3.25.01 are affected. Successful exploitation of this vulnerability could possibly allow remote attackers to stop the execution of code on affected equipment. Triangle MicroWorks recommends users update to Version 3.26. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.

Eaton HMiSoft VU3 (ICSA-20-105-01) – Product Used in the Energy Sector

CISA has published an advisory on stack-based buffer overflow and out-of-bounds read vulnerabilities in Eaton HMiSoft VU3. Versions 3.00.23 and prior are affected. Successful exploitation of these vulnerabilities could crash the device being accessed and may allow remote code execution or information disclosure. Eaton ceased manufacturing the HMiVU on December 31, 2018, and marked the HMiVU software as end of life. As a result, Eaton no longer provides technical support, security fixes, or other fixes for the HMiVU software.

Microsoft Releases April 2020 Security Updates

Microsoft has released its monthly update to address vulnerabilities in its software. For this month, Microsoft has released security updates for Microsoft Windows, Microsoft Edge (EdgeHTML and Chromium-based), ChakraCore, Internet Explorer, Microsoft Office and Microsoft Office Services and Web Apps, Windows Defender, Visual Studio, Microsoft Dynamics, Microsoft Apps for Android, and Microsoft Apps for Mac. Read the update at Microsoft.

FBI Expects a Rise in Scams Involving Cryptocurrency Related to COVID-19 Pandemic

The FBI advises its partners to be on the lookout for an increase in cryptocurrency fraud schemes related to COVID-19. These schemes may include blackmail attempts, work-from-home scams, paying for non-existent treatments or equipment, and investment scams. Although each of these scams has its own twist, they share the commonalities of attempting to capitalize on the fear and uncertainty during the current pandemic to steal money and launder it through the cryptocurrency ecosystem.

FBI Warns of Advance Fee and BEC Schemes Related to PPE and Supplies Procurement during COVID-19 Pandemic

The FBI has issued an industry alert warning of rapidly emerging advance fee and business email compromise (BEC) schemes related to procurement of personal protective equipment (PPE) and other equipment in short supply during the current COVID-19 pandemic. The FBI recently became aware of multiple incidents in which government agencies attempting to procure such equipment wire-transferred funds to fraudulent sellers in advance of receiving the items. In one case, an individual claimed to represent an entity with which the purchasing agency had an existing business relationship.

Adversaries Living off the ICS/OT Land and How to Detect Them

“Living off the land” is a phrase adopted to describe adversary behavior of using built-in system tools in an attempt to blend in or hide in plain sight with expected system/network activity. The practice typically involves IT-based tools and tactics, but industrial cybersecurity firm Dragos reviews the relevance of living off the land for ICS/OT environments. Even advanced ICS-focused (and skilled) threat groups use IT-based system tools such as PowerShell to gain initial access before traversing ineffective network segmentation to compromise ICS/OT networks.

Security Awareness – A Few of the Latest Coronavirus Related Scams

Even during this challenging time, there is no question that cyber attack ploys are the same. Threat actors constantly leverage disasters in their campaigns; however, the specific themes and lures abusing coronavirus news and information across various attack techniques continue unabated. Attackers are not letting up, and we must not grow weary in keeping our remote workers aware of the scams using coronavirus that are intended to trick them into clicking on a malicious link or opening a weaponized document.
