You are here

Home

Cybersecurity

The Bigger the Company, the Messier the Password Practices

A new report from password management company LogMeIn finds that the bigger the enterprise, the bigger the problem when it comes to managing passwords. The company’s recently released Global Password Security Report scores its 43,000 customers on password strength, reuse, and use of multi-factor authentication. While the average score equaled a 52 out of 100 — a score LogMeIn considers to be good — the numbers generally showed the larger the company, the lower the average security score.

WECON PI Studion (ICSA-18-277-01) – Product Used in the Water and Wastewater and Energy Sectors

The NCCIC has released an advisory on stack-based buffer overflow, out-of-bounds write, information exposure through XML external entity reference, and out-of-bounds read vulnerabilities in WECON PI Studio. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior are affected. Successful exploitation of these vulnerabilities may allow remote code execution, execution of code in the context of an administrator, read past the end of an allocated object or allow an attacker to disclose sensitive information under the context of administrator.

NCCIC Alert (TA 18-276B): Advanced Persistent Threat Activity Exploiting Managed Service Providers

Then NCCIC has released Technical Alert 18-276B about Advanced Persistent Threat (APT) actors attempted to infiltrate the networks of global managed service providers (MSPs) in order to gain unauthorized access to the networks of their customers. MSPs provide remote management of customer IT and end-user systems, and the number of organizations using MSPs has grown significantly over recent years since these services allow customers to scale and support their networks at lower costs than financing these resources internally.

NCCIC Alert (TA 18-276A): Using Rigorous Credential Control to Mitigate Trusted Network Exploitation

The NCCIC has released Technical Alert 18-276A about Advanced Persistent Threat (APT) actors stealing the access credentials of one organization in order to target another another entity the first organization has a trusted relationship with. Using the stolen credentials, the APT actors can act the part of a legitimate partner to the target organization, which may be a parent company, a connected partner, or a contracted managed service provider.

GE Communicator (ICSA-18-275-02) – Product Used in the Energy Sector

The NCCIC has released an advisory on a heap-based buffer overflow vulnerability in GE Communicator. GE Communicator version 3.15 and prior and Gigasoft, a third-party product, version 5 and prior are affected. Exploitation could allow attackers to execute arbitrary code or create a denial-of-service condition. GE recommends users update to Version 4.0 or the latest available release, to mitigate this vulnerability. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities.

Entes EMG 12 (ICSA-18-275-03) – Product Used in the Energy Sector

The NCCIC has released an advisory on improper authentication and information exposure through query strings in GET request vulnerabilities in Entes EMG 12. EMG Ethernet Modbus Gateway Firmware versions 2.57 and prior are affected. Successful exploitation of these vulnerabilities may allow attackers to gain unauthorized access and could allow the ability to change device configuration and settings. Entes recommends that users update to the latest available firmware version.

Delta Electronics ISPSoft (ICSA-18-275-01)

The NCCIC has released an advisory on a stack-based buffer overflow vulnerability in Delta Electronics ISPSoft. Versions 3.0.5 and prior are affected. Successful exploitation of this vulnerability could allow an attacker to execute code under the context of the application. Delta Electronics recommends affected users update to ISPSoft v3.0.6 or newer. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.

Pages

Subscribe to Cybersecurity