Cybersecurity

ICS Alert: SweynTooth Vulnerabilities

CISA has published an alert on multiple Bluetooth Low Energy (BLE) vulnerabilities with proof-of-concept (PoC) exploit code affecting a large number of IoT, smart-home, wearable, and medical devices from vendors who utilize BLE wireless communication technology. CISA notes the alert was released without coordination with some of the affected vendors, adding that it has notified some of the vendors of the report and has asked them to confirm the vulnerabilities and identify mitigations.

PHOENIX CONTACT Emalytics Controller ILC (ICSA-20-063-02) – Product Used in the Energy Sector

CISA has published an advisory on an incorrect permission assignment for critical resource vulnerability in PHOENIX CONTACT Emalytics Controller ILC. All versions prior to 1.2.3 are affected. Successful exploitation of this vulnerability could allow an attacker to change the device configuration and start or stop services. Phoenix Contact strongly recommends affected users update to engineering software Emalytics v1.2.3 or higher and recommission the controllers. CISA also recommends a series of measures to mitigate the vulnerability.

Emerson ValveLink (ICSA-20-063-01) – Product Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on an improper access control vulnerability in Emerson ValveLink. Versions 12.0.264 to 13.4.118 are affected. Successful exploitation of this vulnerability could allow arbitrary code execution. Emerson recommends users upgrade the affected product. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.

Moxa AWK-3131A Series Industrial AP/Bridge/Client (ICSA-20-063-04) – Product Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on improper access control, use of hard-coded cryptographic key, OS command injection, use of hard-coded credentials, classic buffer overflow, out-of-bounds read, stack-based buffer overflow, improper access control, and authentication bypass using an alternate path or channel vulnerabilities in Moxa AWK-3131A. Versions 1.13 and prior are affected. Successful exploitation of these vulnerabilities could allow an attacker to gain control of the device and remotely execute arbitrary code. Moxa has created a security patch to mitigate these vulnerabilities.

Ransomware Is a “National Crisis,” says CISA Director

At RSA Conference 2020 last week, Christopher Krebs, director of the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), said, “I think we’re on the verge of a national crisis when it comes to ransomware.” Krebs also spoke of his agency’s role in helping to prevent the pending crisis, noting that CISA strives to serve as the “nation’s risk advisor” and plans to continue to offer training for operators of critical infrastructure.

National Consumer Protection Week

National Consumer Protection Week (NCPW) is March 1–7. This annual event encourages individuals and businesses to learn about their consumer rights and how to keep themselves secure. The Federal Trade Commission (FTC) and its NCPW partners provide free resources to protect consumers from fraud, scams, and identity theft. The U.S.

Hackers Scanning for Vulnerable Microsoft Exchange Servers

Attackers are actively scanning the internet for Microsoft Exchange Servers vulnerable to the CVE-2020-0688 remote code execution vulnerability patched by Microsoft two weeks ago (despite patches being made available, some organizations choose to forgo automatic updates, opting to implement them manually or not at all). The flaw is present in the Exchange Control Panel (ECP) component and is caused by Exchange's inability to create unique cryptographic keys when being installed.

Despite Widespread Ransomware Concerns, Only 38 Percent of State and Local Government Employees Trained in Prevention

According to the results of a poll recently conducted by IBM, only 38 percent of state and local government employees are trained on ransomware prevention. Additionally, budgets for managing cyber attacks have remained stagnant according to 52 percent of the state and local government IT/security professionals who were polled. These findings were in spite of 73 percent of those polled indicating they are concerned about impending ransomware threats. Additionally, 1 in 6 respondents disclosed their department had been impacted by a ransomware attack.

OpenSMTPD Releases Version 6.6.4p1 to Address a Critical Vulnerability

OpenSMTPD has released version 6.6.4p1 to address a critical vulnerability. A remote attacker could exploit this vulnerability to take control of an affected server. OpenSMTPD is an open-source server-side implementation of the Simple Mail Transfer Protocol (SMTP) that is part of the OpenBSD Project. CISA encourages users and administrators to apply the necessary update.
