Microsoft has released its monthly update to address vulnerabilities in its software. For this month, Microsoft has released security updates for Microsoft Windows, Internet Explorer, Microsoft Office and Microsoft Office Services and Web Apps, SQL Server, Visual Studio, and Skype for Business. Read the update at Microsoft.
The National Institute of Standards and Technology (NIST) has just published Special Publication (SP) 800-160 Volume 2, Developing Cyber Resilient Systems: A Systems Engineering Approach. It is the first in a series of specialty publications developed to support NIST SP 800-160 Volume 1, the flagship systems security engineering guideline. Volume 2 addresses cyber resiliency considerations for two important yet distinct communities of interest:
Microsoft has released a Security Advisory to address an issue in Windows Hello for Business (WHfB). An attacker could exploit this issue on devices that were affected by CVE-2017-15361, also known as Return of Coppersmith’s Attack (ROCA), to take control of an affected system.
The New Zealand National Cyber Security Centre (NCSC-NZ) has released an article on a new cybersecurity governance resource to support public and private sector leaders in making decisions about their cybersecurity resilience and risk. NCSC-NZ developed this governance – a series of documents with practical advice and simple steps – following a cybersecurity resilience assessment of New Zealand’s nationally significant organizations.
The Australian Cyber Security Centre (ACSC) has released Fundamentals of Cross Domain Solutions, a guide outlining the fundamentals of cross domain solution (CDS) technologies. This guidance provides cross domain security principles to enable organizations to share information securely across separated networks. CISA encourages organizations with information sharing requirements to review ACSC’s to learn how to plan, analyze, design, and implement CDS systems.
The FBI’s Portland, Oregon office has published an advisory discussing how to build a digital defense in the Internet of Things. The advisory discusses the security risks of using devices that have built-in Internet connections, such as digital assistants, smart watches, security equipment, thermostats, and even kitchen appliances. While providing additional conveniences and amenities for their owners, they can also open a door for hackers into your business or home.
CISA has published an alert on Dridex, providing an overview of the malware, related activity, and a list of previously unreported indicators of compromise. Because actors using Dridex malware and its derivatives continue to target the financial services sector, including financial institutions and customers, CISA submits that the techniques, tactics, and procedures contained in this report warrant renewed attention. Read the alert at CISA.
CISA has published an advisory on improper restriction of excessive authentication attempts, uncontrolled resource consumption, missing encryption of sensitive data, unprotected storage of credentials, and predictable from observable state vulnerabilities in Weidmueller Industrial Ethernet Switches. Numerous products and versions of these products are affected. Successful exploitation of these vulnerabilities could allow a remote attacker to gain unauthorized access to the device, affecting the confidentiality, integrity, and availability of the device the attacker is targeting.
CISA has published an advisory on a link following vulnerability in Thales DIS SafeNet Sentinel LDK License Manager Runtime. All versions prior to 7.101 are affected. Successful exploitation of this vulnerability could allow a local attacker to escalate privileges. Thales recommends upgrading to Version 7.101 or later. CISA also recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.
IBM X-Force Incident Response and Intelligence Services (IRIS) has been tracking a new destructive malware campaign dubbed ZeroCleare. X-Force IRIS has been following the evolution of destructive, disk-wiping malware since the first Shamoon attacks during the summer of 2012, and recently discovered ZeroCleare being used to execute a destructive attack on organizations in the energy and industrial sectors in the Middle East.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
