The importance of asset management cannot be overstated. Asset Management is the first consideration in WaterISAC’s 15 Cybersecurity Fundamentals (Perform Asset Inventories), the CIS Controls (Inventory and Control of Hardware Assets), and countless other standard practice cybersecurity documents and advice.
CISA has published an advisory on stack-based buffer overflow and out-of-bounds read vulnerabilities in Delta Electronics Industrial Automation CNCSoft ScreenEditor. Versions 1.00.96 and prior are affected. Successful exploitation of these vulnerabilities could cause buffer overflow conditions that may allow information disclosure, remote code execution, or crash the application. Delta recommends updating to the latest version of CNCSoft v1.01.24 (with ScreenEditor v1.00.98) and restricting the interaction with the application to trusted files.
According to a report just published by cybersecurity company FireEye, 76 percent of all ransomware infections occur outside working hours, with 49 percent taking place during nighttime over the weekdays and 27 percent taking place over the weekend. The reason why attackers choose to trigger the ransomware encryption process during the night or weekend is because most companies don't have IT staff working those shifts, and if they do, they are most likely short-handed.
CISA advises that Microsoft has released out-of-band security updates to address a remote code execution vulnerability (CVE-2020-0796) in Microsoft Server Message Block 3.1.1 (SMBv3). A remote attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the resources and apply the necessary updates or workarounds. Read the advisory at CISA.
CISA has published an advisory on an improper access control vulnerability in Allen-Bradley Stratix 5950. Versions 1783-SAD4T0SBK9, 1783-SAD4T0SPK9, 1783-SAD2T2SBK9, and 1783-SAD2T2SPK9 are affected. Successful exploitation of this vulnerability could allow an attacker to write a modified image to the component. Rockwell Automation recommends users update to firmware version FRN v6.4.0 , which addresses the reported vulnerability. It has also provided a series of general security guidelines. CISA also recommends a series of measures to mitigate the vulnerabilities.
CISA has published an advisory on an authorization bypass through user-controlled key vulnerability in ABB Asset Suite. Versions 9.6 and prior, excluding 9.4.2.6 and 9.5.3.2, are affected. Successful exploitation of this vulnerability could allow an attacker access to unauthorized information in the application by direct resource access. ABB recommends users apply updates as soon as they are able. CISA also recommends a series of measures to mitigate the vulnerabilities.
CISA has published an advisory on numerous vulnerabilities in ABB eSOMS. Versions 6.02 and prior are affected. In the most severe case, an attacker who successfully exploited these vulnerabilities could take over a user’s browser session, discover session-based information, or affect the confidentiality of sensitive information within the application. ABB recommends users update their version of eSOMS to 6.0.3 or 6.1. CISA also recommends a series of measures to mitigate the vulnerabilities.
The FBI’s Portland, Oregon office has published an advisory discussing best practices for web browsers, which are essential for operations in any organization but can serve as openings through which bad actors intrude into systems. Noting that the browsers that are available have different levels of privacy and security, the advisory encourages organizations spend time researching browsers to figure out which one meets their needs and expectations. Once a browser is selected, however, default settings can still leave an organization vulnerable.
The Cyberspace Solarium Commission (CSC) has released its final report, which includes over 80 recommendations to improve the U.S.’s cybersecurity posture and practices. The recommendations in the report support six cybersecurity pillars: 1) Reform the U.S. Government’s Structure and Organization for Cyberspace; 2) Strengthen Norms and Non-Military Tools; 3) Promote National Resilience; 4) Reshape the Cyber Ecosystem; 5) Operationalize Cybersecurity Collaboration with the Private Sector; and 6) Preserve and Employ the Military Instrument of National Power.
Since version 76 (current version is 80), Google Chrome no longer displays the “https” and subdomain “www” to users in the address bar. A “feature” that miscreants are taking advantage to compromise legitimate websites with credit card and login skimming malware. Unfortunately, a PLC vendor in Spain reportedly fell victim to this technique that enabled skimming code to be injected into its website. This recent scheme, as reported by journalist Brian Krebs, uses the domain “htt.ps” to trick users into thinking they are seeing the “https://” they have been taught to look for.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
