Cybersecurity

The NCCIC has published an advisory on a resource management error vulnerability in Yokogawa Vnet/IP Open Communication Driver. Numerous products and versions of these products are affected. Successful exploitation of this vulnerability could allow an attacker to cause Vnet/IP network communications to controlled devices to become unavailable. Yokogawa recommends users of affected devices and versions update to the latest available release. The NCCIC also advises on a series of mitigating measures for this vulnerability.

The FBI has released a FLASH message regarding information it has obtained on activities performed by a group of malicious cyber actors associated with the Chinese government referred to as “APT10.” On December 20, officials from the U.S. Department of Justice and the U.S.

Cryptojacking refers to the practice of attackers harnessing the processing power of computers they don’t own to mine for cryptocurrency, such as Bitcoin or Monero. Cryptojacking’s popularity soared when cryptocurrencies hit their all-time highs in late 2017 and early 2018, and attackers adapted the malware used for these activities to go after mobile devices, cloud infrastrucuture, Internet of Things devices, and even operational technology (OT).

The partial government shutdown that began on Saturday has resulted in furloughs for nearly 33,000 federal employees from the U.S. Department of Homeland Security (DHS), which represents about 13 percent of the organization’s approximately 245,000 person workforce. DHS’s law enforcement and emergency management functions are largely unaffected by the shutdown, with most employees exempt from furloughs at components like Customs and Border Protection, the Coast Guard, the Transportation Security Administration, and the Federal Emergency Management Agency, among others.