Cybersecurity

PHOENIX CONTACT FL SWITCH (ICSA-19-024-02)

The NCCIC has published an advisory on improper restriction of excessive authentication attempts, cleartext transmission of sensitive information, resource exhaustion, incorrectly specified destination in a communication channel, insecure storage of sensitive information, and memory corruption vulnerabilities in PHOENIX CONTACT FL SWITCH. Versions 3xxx, 4xxx, and 48xx, and versions prior to 1.35, are affected. Successful exploitation of these vulnerabilities may allow attackers to gain user privileges, gain access to the switch, read user credentials, deny access to the switch, or perform man-in-the-middle attacks.

Advantech WebAccess/SCADA (ICSA-19-024-01) - Product Used in the Water and Wastewater and Energy Sectors

The NCCIC has published an advisory on path traversal, improper authentication, authentication bypass, and SQL injection vulnerabilities in Advantech WebAccess/SCADA. Version 8.3 is affected. Successful exploitation of these vulnerabilities may allow an attacker to access and manipulate sensitive data. Advantech has released Version 8.3.5 of WebAccess/SCADA to address the reported vulnerabilities. The NCCIC also advises on a series of mitigating measures for these vulnerabilities.

New “BEC-as-a-Service” Trend Means Just about Anyone Can Launch an Attack

Business email compromise (BEC) scams have proven to be a lucrative venture, and the criminals behind them are looking to add another revenue stream to their successful business model: BEC-as-a-Service. These actors make it easy for their customers to impersonate CFOs and other executives to request urgent wire transfers, payment of fake invoices, and other actions designed to divert their targets’ money into their hands. This is bad news in an environment where BEC attacks already cost organizations billions of dollars.

Rushing to Patch? Here’s How to Prioritize Your Security Efforts

Rather than focusing on applying all new patches as soon as possible, a new report from Kenna Security and the Cyentia Institute suggests organizations tackle security from the vantage point of prioritization. With over 110,000 CVEs published, and roughly 300 new CVEs published per week in 2018, staying current with vulnerabilities as they are uncovered is likely to become overwhelming. Likewise, doing so can overextend IT security professionals.

Test Your Ability to Identify Phishing with Free Test

Google has set up a free, online quiz anyone can take to evaluate their ability to spot a phishing email. The quiz tests visitors on a series of emails to see if they can distinguish telltale signs of phishing. Many of the examples are actually based on real events, such as the massive phishing attempt that hit Google Doc users in 2017 or an email that Russian hackers sent to Hillary Clinton’s campaign manager in 2016. After each email, Google explains how to tell the signs, often by hovering over URLs to check where they lead and checking the spelling of email addresses.

As Industrial Systems Surge, Overconfidence Increases Risks

According to an article from Symantec, attacks on industrial control systems (ICS) and the Internet of Things (IoT) are on the upswing, but organizations aren’t always doing enough to defend themselves. Symantec notes it logged a six-fold increase in the number of attacks on customers' IoT systems last year. Elsewhere, 41 percent of ICS computers were attacked in the first half of 2018, up from 37 percent a year earlier.

Here’s Why Foreign Intelligence Agencies Want Your Data

It may seem strange that nation states are behind breaches of companies like Marriott and Delta. Such attacks would seem to be done for financial gain, a motive that is more often attributed to individuals and criminal groups than countries. As an article from Radware explains, foreign intelligence agencies can accumulate a lot of information about these companies’ customers from these breaches, which they can use to build profiles of certain individuals.

National Intelligence Strategy Addresses Traditional and Emerging Threats

The Director of National Intelligence (DNI) has released the 2019 National Intelligence Strategy, which is intended to provide the U.S. intelligence community with strategic direction for the next four years. In its opening pages, the document notes that the strategic environment is changing rapidly, with threats continuing to be posed by traditional adversaries and also emerging from new actors and technologies, such as violent extremist groups and cyber tools.

Johnson Controls Facility Explorer (ICSA-19-022-01)

The NCCIC has published an advisory on path traversal and improper authentication vulnerabilities in Johnson Controls Facility Explorer. Versions 14.x prior to 14.4u1 and 6.x prior to 6.6 are affected. Successful exploitation of these vulnerabilities could allow an attacker to read, write, and delete sensitive files to gain administrator privileges in the Facility Explorer system. Johnson Controls has mitigated these vulnerabilities in the updated versions, which the NCCIC recommends users upgrade to. The NCCIC also advises on a series of mitigating measures for these vulnerabilities.
