
Cybersecurity

Unpatched Microsoft Exchange Servers Vulnerable to CVE-2020-0688

CISA advises that Microsoft Exchange Servers affected by a remote code execution vulnerability, known as CVE-2020-0688, continue to be an attractive target for malicious cyber actors. A remote attacker can exploit this vulnerability to take control of an affected system that is unpatched. Although Microsoft disclosed the vulnerability and provided software patches for the various affected products in February 2020, advanced persistent threat actors are targeting unpatched servers, according to recent open-source reports.

Microsoft Releases March 2020 Security Updates

Microsoft has released its monthly update to address vulnerabilities in its software. For this month, Microsoft has released security updates for Microsoft Windows, Microsoft Edge (EdgeHTML and Chromium-based), ChakraCore, Internet Explorer, Microsoft Exchange Server, Microsoft Office and Microsoft Office Services and Web Apps, Azure DevOps, Windows Defender, Visual Studio, Open Source Software, Azure, and Microsoft Dynamics. Read the update at Microsoft.

Siemens Industrial Products with OPC UA (Update F) (ICSA-19-099-03) – Products Used in the Water and Wastewater and Energy Sectors

March 10, 2020

CISA has updated this advisory with additional information on the affected products. Read the advisory at CISA.

February 11, 2020

CISA has updated this advisory with additional information on the affected products and mitigating measures. Read the advisory at CISA.

January 14, 2020

Continued Cyber Concerns for Utilities Amid Coronavirus

As utilities exercise business continuity plans with staff working remotely during the coronavirus epidemic, it is important to include reminders to increase cyber vigilance and hygiene during this time, as attackers are leveraging our heightened concern and curiosity to spread malware and other scams. Similar to vacation and holiday seasons when cybersecurity/IT staff may not be immediately available, an uptick in cyber attacks is likely to be met with less resistance during this time.

Nearly All Compromised Accounts Did Not Use MFA

During the recent RSA cybersecurity conference, Microsoft engineers said that 99.9 percent of the compromised accounts they’ve tracked don’t use multi-factor authentication (MFA). In most cases, the account hacks happen through simplistic attacks, which MFA is typically effective against. The primary source of most hacks of Microsoft accounts was password spraying, in which an attacker picks a common and easy-to-guess password and goes through a long list of usernames until they get a hit and can access an account using that password.

Siemens S7-300/400 PLC Vulnerabilities (Update E) (ICSA-16-348-05D) – Product Used in Energy and Water and Wastewater Systems Sectors

March 10, 2020

CISA has updated the advisory with additional details on the affected products and the nature of the vulnerability. Read the advisory at CISA.

January 25, 2018

ICS-CERT has updated this advisory with additional details on mitigation measures. Read the advisory at ICS-CERT.

November 28, 2017

WAGO I/O-CHECK (ICSA-20-065-01) – Product Used in the Energy Sector

CISA has published an advisory on information exposure through sent data, buffer access with incorrect length value, missing authentication for critical function, and classic buffer overflow vulnerabilities in WAGO I/O-CHECK Series PFC100 and Series PFC200. Multiple versions of this software are affected. Successful exploitation of these vulnerabilities could allow an attacker to change settings, delete the application, run remote code, cause a system crash, cause a denial-of-service condition, revert to factory settings, and overwrite MAC addresses.

UK Releases Tips on Securing Smart Security Cameras

The UK National Cyber Security Centre (NCSC) has released guidance on how to correctly set up smart security cameras to avoid having them hacked by attackers. The guidance begins with a series of three steps that the NCSC says will make it much harder for cyber criminals to access your smart camera. These include changing default passwords, implementing regular security updates, and removing the feature for remotely viewing camera footage via the internet (unless you need it). The guidance also discusses router settings that, if not properly configured, can be exploited by hackers.

Australia Releases Securing Content Management Systems Guide

The Australian Cyber Security Centre (ACSC) has released a cybersecurity guide outlining strategies for identifying and minimizing risks to web servers from installed content management systems (CMS). This guidance provides effective mitigation strategies organizations can use to better protect their external-facing systems from cyber network exploitation. Read the guide at ACSC.
