You are here

Home » Cybersecurity

Cybersecurity

Delta Industrial Automation CNCSoft (ICSA-19-106-01)

The NCCIC has published an advisory on stack-based buffer overflow, heap-based buffer overflow, and out-of-bounds read vulnerabilities in Delta Industrial Automation CNCSoft. Versions 1.00.88 and prior are affected. Successful exploitation of these vulnerabilities could cause buffer overflow conditions that may allow information disclosure, remote code execution, or crash the application. Delta Electronics recommends updating to the latest version of ScreenEditor 1.00.89. The NCCIC also provides a list of recommended measures for addressing the vulnerabilities.

WAGO Series 750-88x and 750-87x (ICSA-19-106-02) – Products Used in the Energy Sector

The NCCIC has published an advisory on a use of hard-coded credentials vulnerability in WAGO Series 750-88x and 750-87x. Numerous versions of these two products are affected. This vulnerability allows a remote attacker to change the settings or alter the programming of the device. WAGO has released a security advisory and recommends updating to the newest firmware and taking a series of defense measures. The NCCIC also provides a list of recommended measures for addressing the vulnerabilities.

Protecting Against Ransomware

The NCCIC has published a “Protecting Against Ransomware” Security Tip, which provides an overview of ransomware, describes how it works and is delivered, and provides recommendations for preventing and responding to ransomware infections. This resource also contains numerous links to other products for helping partners to understand ransomware and how to protect themselves and their organizations from attacks. Access the Security Tip at NCCIC/US-CERT.

North Korean Malicious Cyber Activity – “HOPLIGHT” Trojan

The Department of Homeland Security (DHS) and the FBI report they have identified a Trojan malware variant – referred to as “HOPLIGHT” – used by the North Korean government. The DHS National Cybersecurity and Communications Integration Center (NCCIC) has published a Malware Analysis Report (MAR) on HOPLIGHT that it encourages partners to review. The MAR includes malware descriptions, suggested response actions, and recommended mitigation techniques.

Limiting ICS Impacts from IT-focused Incidents

The industrial cybersecurity community, including WaterISAC, continues to emphasize the larger threat to ICS emanates from IT versus OT-centric cyber threats. To further address this issue, ICS cyber forensic firm Dragos posted Implications of IT Ransomware for ICS Environments. Dragos discusses the importance in identifying the propagation methods of IT-based malware, like WannaCry, NotPetya, and LockerGoga in order to more effectively prevent inadvertent impact to ICS operations.

Microsoft Releases April 2019 Security Updates

Microsoft has released its monthly update to address vulnerabilities in its software. For this month, Microsoft has released security updates for Adobe Flash Player, Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Office and Microsoft Office Services and Web Apps, ChakraCore, ASP.NET, Microsoft Exchange Server, Team Foundation Server, Azure DevOps Server, Open Enclave SDK, and Windows Admin Center.

Siemens SCALANCE, SIMATIC, RUGGEDCOM, and SINAMICS Products (Update F) (ICSA-17-318-01) – Product Used in Energy and Water and Wastewater Sectors

April 9, 2019

The NCCIC has updated this advisory with additional details on affected products and mitigation measures. Read the advisory at NCCIC/ICS-CERT.

November 13, 2018

The NCCIC has updated this advisory with additional details on affected products and mitigation measures. NCCIC/ICS-CERT.

April 24, 2018

Tags: 
ics-cert siemens

Siemens OpenSSL Vulnerability in Industrial Products (Update E) (ICSA-18-226-02) – Products Used in the Water and Wastewater and Energy Sectors

April 9, 2019

The NCCIC has updated this advisory with additional details on the affected products and mitigation measures. Read the advisory at NCCIC/ICS-CERT.

November 13, 2018

The NCCIC has updated this advisory with additional details on the affected products and mitigation measures. NCCIC/ICS-CERT.

October 9, 2018

Siemens RUGGEDCOM ROX II (ICSA-19-099-05) – Products Used in the Energy Sector

The NCCIC has published an advisory on double free, out-of-bounds read, and uncontrolled resource consumption vulnerabilities in Siemens RUGGEDCOM ROX II. All versions prior to 2.13.0 are affected. Successful exploitation of these vulnerabilities could result in remote code execution and/or a denial-of-service condition. Siemens has provided firmware update v2.13.0 to fix these vulnerabilities and also recommends users apply specific workarounds and mitigations to reduce risk. The NCCIC has also provided a series of measures for mitigating the vulnerabilities.

Pages

Subscribe to Cybersecurity