You are here

Home » Cybersecurity

Cybersecurity

Siemens SIPORT MP (ICSA-20-042-08)

CISA has published an advisory on an insufficient logging vulnerability in Siemens SIPORT MP. All versions prior to 3.1.4 are affected. Successful exploitation of this vulnerability could allow the attacker to create special accounts with administrative privileges. Siemens recommends users update to Version 3.1.4 and has identified specific workarounds and mitigations users can apply to reduce the risk. CISA also recommends a series of measures to mitigate the vulnerability.

Siemens SCALANCE X Switches (ICSA-20-042-07)

CISA has published an advisory on a protection mechanism failure vulnerability in Siemens SCALANCE X switches. Multiple products and versions of these products are affected. Successful exploitation of this vulnerability could allow an attacker to perform administrative actions. Siemens has released updates, which are recommended to be applied when possible. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.

Siemens SIMATIC CP 1543-1 (ICSA-20-042-03) – Products Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on improper access control and loop with unreachable exit condition vulnerabilities in Siemens SIMATIC CP-1543-1. All versions starting at 2.0 and prior to 2.2. are affected. Successful exploitation of these vulnerabilities could allow remote attackers to conduct a denial-of-service attack by sending specially crafted packets to Port 161/UDP (SNMP). The latest update for SIMATIC CP 1543-1 contains fixes for the vulnerabilities within its embedded ProFTPD FPT server. Siemens recommends updating SIMATIC CP 1543-1 modules to Version 2.2.

Microsoft Releases February 2020 Security Updates

Microsoft has released its monthly update to address vulnerabilities in its software. For this month, Microsoft has released security updates for Microsoft Windows, Microsoft Edge (EdgeHTML and Chromium-based), ChakraCore, Internet Explorer, Microsoft Exchange Server, Microsoft SQL Server, Microsoft Office and Microsoft Office Services and Web Apps, Windows Malicious Software Removal Tool, and Windows Surface Hub. Read the update at Microsoft.

Safer Internet Day – Everyone Has a Responsibility to Make a Positive Difference

Today is Safer Internet Day, a worldwide event aimed at promoting the safe and positive use of digital technology for all users. This year’s theme is “Together for a better internet,” which encourages everyone to play a part in creating a safer, more secure internet. While much of the focus of this year’s theme is on children and caregivers, its promoters make clear that is intended for everyone, including for people in industry and decision makers.

Australian Advisory: Mailto Ransomware Incidents

The Australian Cyber Security Centre (ACSC) has published an advisory noting that it is aware of recent ransomware incidents involving a ransomware tool known as “Mailto” or “Kazakavkovkiz.” The ACSC has limited information regarding the initial intrusion vector for Mailto, but evidence suggests that phishing and password spray attacks have been used to compromise user accounts. The ACSC advisory provides recommendations for users to detect and mitigate these types of attacks and assist with limiting their spread within networks.

Business Email Compromise – Don’t Forget About Your Vendors (VEC)

Email security firm Agari posted an article reminding us how the attack surface from the scourge known as business email compromise (BEC) is larger than we may think. Agari points out the need to protect against the compromised supply chain, in what is referred to as vendor email compromise (VEC). With the majority of phishing emails we receive impersonating trusted suppliers, it is imperative that organizations are intentional about securing their supply chain.

Pages

Subscribe to Cybersecurity