You are here

Home

Cybersecurity

gpsd Open Source Project (ICSA-18-310-01)

The NCCIC has published an advisory on a stack-based buffer overflow vulnerability in gpsd Open Source Project. For gpsd, versions 1.0 to 1.3 are affected. For microjson, versions 1.0 to 1.3 are affected. Successful exploitation of this vulnerability could allow remote code execution, data exfiltration, or denial-of service via device crash. gpsd/microjson project maintainers recommend upgrading to gpsd Version 3.18 or newer and microjson 1.4 or newer to resolve this vulnerability.

Siemens devices using the PROFINET Discovery and Configuration Protocol (Update K) (ICSA-17-129-01I) – Product Used in Energy and Water and Wastewater Systems Sectors

February 14, 2019

The NCCIC has updated this advisory with additional information on affected products and mitigation measures. Read the advisory at NCCIC/ICS-CERT.

February 27, 2018

ICS-CERT has updated this advisory with additional details on affected products and mitigation details. ICS-CERT.

January 23, 2018

Tags: 
ics-cert siemens simantic

SpeakUp Backdoor Trojan May Be a Threat throughout 2019

Software technology company Check Point reports its researchers detected a new campaign exploiting Linux servers to distribute a backdoor Trojan, dubbed SpeakUp. SpeakUp is capable of delivering any payload and executing it on compromised machines; it evades detection by all security vendors’ anti-virus software. According to Check Point, threats like SpeakUp are a stark warning of bigger threats to come since they can evade detection and then distribute further, potentially more dangerous malware to compromised machines.

Four Ransomware Trends to Watch in 2019

An article from Recorded Future predicts some trends in ransomware for the coming year. One of the predicted trends is that successful ransomware campaigns will continue to rely on open remote desktop protocol (RDP) servers as the initial access point. These campaigns look for networks that have internet-facing servers running the RDP service, with attackers either taking advantage of well-known vulnerabilities in unpatched servers or using brute-force password attacks.

Some GPS Receivers May Malfunction on or after April 6

GPS Week Rollover occurs on April 6, 2019, which could cause a mini "millennium bug" for some GPS devices. While this is a known issue arising from the way the system works, critical infrastructure operators whose systems use GPS are encouraged to prepare for the event. Most modern GPS receivers shouldn't be affected by this (devices that conform to IS-GPS-200 and provides UTC will be fine), but testing carried out by the U.S.

Why U.S. Cities are a Major Target for Cyber Attacks

A former cyber attacker writes about why city governments are appealing targets for malicious cyber operations. For one, the potential impact of targeting a city is huge. In addition to the normal “benefits” of getting access to private customer data, credit cards and so on, penetrating a city may give attackers access to sensitive information about residents. Depending on the local-government agency and its IT structure, attackers can access and impact a variety of systems, including those associated with critical infrastructure. Secondly, cities are vulnerable.

Hackers Wipe U.S. Servers of Email Provider, Erasing Customers’ Data

Hackers have breached the severs of email provider VFEmail and wiped the data from all its US servers, destroying customers' data in the process. "At this time, the attacker has formatted all the disks on every server," the company said yesterday. "Every VM is lost. Every file server is lost, every backup server is lost. This was more than a multi-password via SSH exploit, and there was no ransom. Just attack and destroy," VFEmail said. Founded in 2001 and based in Milwaukee, VFEmail provides email service to businesses and end users.

Pages

Subscribe to Cybersecurity