You are here

Home » Cybersecurity

Cybersecurity

Siemens SIMATIC CP 1543-1 (ICSA-20-042-03) – Products Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on improper access control and loop with unreachable exit condition vulnerabilities in Siemens SIMATIC CP-1543-1. All versions starting at 2.0 and prior to 2.2. are affected. Successful exploitation of these vulnerabilities could allow remote attackers to conduct a denial-of-service attack by sending specially crafted packets to Port 161/UDP (SNMP). The latest update for SIMATIC CP 1543-1 contains fixes for the vulnerabilities within its embedded ProFTPD FPT server. Siemens recommends updating SIMATIC CP 1543-1 modules to Version 2.2.

Microsoft Releases February 2020 Security Updates

Microsoft has released its monthly update to address vulnerabilities in its software. For this month, Microsoft has released security updates for Microsoft Windows, Microsoft Edge (EdgeHTML and Chromium-based), ChakraCore, Internet Explorer, Microsoft Exchange Server, Microsoft SQL Server, Microsoft Office and Microsoft Office Services and Web Apps, Windows Malicious Software Removal Tool, and Windows Surface Hub. Read the update at Microsoft.

Safer Internet Day – Everyone Has a Responsibility to Make a Positive Difference

Today is Safer Internet Day, a worldwide event aimed at promoting the safe and positive use of digital technology for all users. This year’s theme is “Together for a better internet,” which encourages everyone to play a part in creating a safer, more secure internet. While much of the focus of this year’s theme is on children and caregivers, its promoters make clear that is intended for everyone, including for people in industry and decision makers.

Australian Advisory: Mailto Ransomware Incidents

The Australian Cyber Security Centre (ACSC) has published an advisory noting that it is aware of recent ransomware incidents involving a ransomware tool known as “Mailto” or “Kazakavkovkiz.” The ACSC has limited information regarding the initial intrusion vector for Mailto, but evidence suggests that phishing and password spray attacks have been used to compromise user accounts. The ACSC advisory provides recommendations for users to detect and mitigate these types of attacks and assist with limiting their spread within networks.

Business Email Compromise – Don’t Forget About Your Vendors (VEC)

Email security firm Agari posted an article reminding us how the attack surface from the scourge known as business email compromise (BEC) is larger than we may think. Agari points out the need to protect against the compromised supply chain, in what is referred to as vendor email compromise (VEC). With the majority of phishing emails we receive impersonating trusted suppliers, it is imperative that organizations are intentional about securing their supply chain.

FBI Director Says HVEs, Domestic Extremists, and FTOs Are Most Persistent Terrorist Threat to U.S.

In testimony before the U.S. House Judiciary Committee yesterday, FBI Director Christopher Wray identified the most persistent terrorism threats to the U.S. as homegrown violent extremists (HVEs), domestic extremists, and foreign terrorist organizations (FTOs). Drawing a link between two of the groups, he explained how FTOs have made extensive use of the Internet and social media to disseminate propaganda and training materials to attract and influence individuals in the U.S., giving rise to HVEs.

OpenSMTPD Vulnerability

The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting OpenSMTPD. An attacker could exploit this vulnerability to take control of an affected system. OpenSMTPD is an open-source server-side implementation of the Simple Mail Transfer Protocol (SMTP) that is part of the OpenBSD Project. CISA encourages users and administrators to review CERT/CC’s Vulnerability Note VU#390745 and apply the necessary updates.

Pages

Subscribe to Cybersecurity