Today, President Donald Trump released an “America’s Cybersecurity Workforce” Executive Order, laying out a vision for supporting and fostering cybersecurity practitioners in both the public and private sectors who serve as “guardians of our national and economic security.” Among other highlights, it states the U.S.
A report from cybersecurity company Coveware provides some interesting statistics on ransomware incidents that were experienced in the first quarter of 2019. Coveware found the average ransom for these incidents increased by nearly 90% to $12,762, as compared to $6,733 in the fourth quarter of 2018. According to Coveware, this reflected increased infection by more expensive types of ransomware, including Ryuk, which are typically used in targeted attacks on larger organizations.
The first Thursday in May, May 2 this year, is World Password Day, intended to raise awareness of password best practices and the need for strong passwords. To mark the occasion this year, two cybersecurity companies have taken unique approaches to motivate everyone to take password security more seriously.
The NCCIC has released an advisory on uncontrolled resource consumption and stack-based buffer overflow vulnerabilities in Rockwell Automation CompactLogix 5370. Multiple products and versions of these products are affected. Successful exploitation of these vulnerabilities could allow a remote attacker to render the web server unavailable and/or place the controller in a major non-recoverable faulted state (MNRF).
New samples of Emotet have been observed using different post-infection traffic than previous versions, according to analysis just published by cybersecurity company Trend Micro. Additionally, that analysis revealed Emotet is attempting to use compromised connected devices as proxy command and control servers to evade detection. These discoveries also show that the malware is being used to compromise and collect vulnerable connected devices, which could become resources for other malicious purposes.
The NCCIC has published an advisory on an open redirect vulnerability in Rockwell Automation MicroLogix 1400 and CompactLogix 5370 Controllers. Numerous products and versions of these products are affected. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to input a malicious link redirecting users to a malicious website. Rockwell Automation has released a security advisory with mitigation steps. The NCCIC also provides a list of recommended measures for addressing the vulnerabilities.
The National Institute of Standards and Technology (NIST) has published a revised version of its Vetting the Security of Mobile Applications special publication. Despite their utility, mobile applications, or “apps,” can pose serious security risks to an organization and its users due to vulnerabilities that may exist within their software. Such vulnerabilities may be exploited to steal information, control a user’s device, deplete hardware resources, or result in unexpected app or device behavior.
Terbium Labs has released a report analyzing nearly 30,000 “how-to” guides for committing cyber fraud available on the Dark Web. These online documents typically include instructions on specific fraud capabilities such as account takeover, phishing, cashing out, doxing, synthetic fraud, and account creation. They could feature instructions, personal notes from the author on their experiences of what works and what doesn’t, social engineering and technical advice, and more.
A team consisting of researchers from Microsoft Research, Inria, and Carnegie Mellon University’s CyLab recently released the world's first verifiably secure industrial-strength cryptographic library – a set of code that can be used to protect data and is guaranteed to protect against the most popular classes of cyberattacks. The library is called “EverCrypt” and is available for download on GitHub. "With EverCrypt, we can rule out entire classes of vulnerabilities," said CybLab’s Bryan Parno, who is also an associate professor of Computer Science and Electrical and Computer Engineering.
Oracle has released its Critical Patch Update for April 2019 to address 297 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. encourages users and administrators to review the Oracle April 2019 Critical Patch Update and apply the necessary updates.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
