CyberSecure Specialist

06 Mar

CISA released three (3) Industrial…

Attacks, Insights, Malware

CISA released three (3) Industrial Control Systems (ICS) advisories on February 23, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-23-054-01 PTC ThingWorx Edge ICSA-22-333-04 Moxa UC Series (Update A) ICSMA-23-047-01 BD Alaris Infusion Central (Update A)  Please share your thoughts. We recently updated our anonymous Product Feedback; we’d welcome your feedback.

Read More
06 Mar

Tracking device technology: A double-edged sword for CISOs

Data Breaches, Malware, Social Engineering

The transportation industry has doubled down in the area of fleet tracking in recent years, which has come with great benefits and not a few security headaches. On the consumer side, we’ve spoken of Apple’s AirTag and how it has been used to find personal items of import — and also its potential to be abused by the nefarious to track and trace individuals. Now we see that Google is jumping into the fray, with…

Read More
06 Mar

Critical Vulnerabilities Allow Hackers to Take Full Control of Wago PLCs

Information, News

German industrial automation solutions provider Wago has released patches for several of its programmable logic controllers (PLCs) to address four vulnerabilities, including ones that can be exploited to take full control of the targeted device. The vulnerabilities were discovered by Ryan Pickren from the Georgia Institute of Technology’s Cyber-Physical Security Lab. The issues were identified by the researcher as part of a PhD project on the security of industrial control systems (ICS). Pickren previously earned…

Read More
05 Mar

Today, CISA retired US-CERT and…

Attacks, Insights, Malware

Today, CISA retired US-CERT and ICS-CERT, integrating CISA’s operational content into a new CISA.gov website that better unifies CISA’s mission. CISA will continue to be responsible for coordinating cybersecurity programs within the U.S. government to protect against malicious cyber activity, including activity related to industrial control systems. In keeping with this responsibility, CISA will continue responding to incidents, providing technical assistance, and disseminating timely notifications of cyber threats and vulnerabilities. Visit the new CISA.gov today!…

Read More
05 Mar

CISA assesses that the United…

Attacks, Insights, Malware

CISA assesses that the United States and European nations may experience disruptive and defacement attacks against websites in an attempt to sow chaos and societal discord on February 24, 2023, the anniversary of Russia’s 2022 invasion of Ukraine. CISA urges organizations and individuals to increase their cyber vigilance in response to this potential threat. In response to the heightened geopolitical tensions resulting from Russia’s full-scale invasion of Ukraine, CISA maintains public cybersecurity resources, including Shields…

Read More
05 Mar

CISA has added one new…

Attacks, Insights, Malware

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2022-36537 ZK Framework AuUploader Unspecified Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses a significant risk to the federal enterprise. Note: To view other newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column—which will sort by descending dates. Binding Operational Directive (BOD)…

Read More
04 Mar

EPA Mandates States Report on Cyber Threats to Water Systems

Information, News

The Biden administration on Friday said it would require states to report on cybersecurity threats in their audits of public water systems, a day after it released a broader plan to protect critical infrastructure against cyberattacks. The Environmental Protection Agency said public water systems are increasingly at risk from cyberattacks that amount to a threat to public health. “Cyberattacks against critical infrastructure facilities, including drinking water systems, are increasing, and public water systems are vulnerable,”…

Read More
04 Mar

What does $5,000 buy you on a hacking forum? – Week in security with Tony Anscombe

Information

A bootkit that ESET researchers have discovered in the wild is the BlackLotus UEFI bootkit that is being peddled on hacking forums For a mere $5,000, you can buy a UEFI bootkit called BlackLotus that can run even on fully up-to-date Windows 11 systems with UEFI Secure Boot enabled. This week, ESET researchers published their analysis of BlackLotus that caused them to conclude that the bootkit they had discovered in the wild is indeed the…

Read More
04 Mar

Feds warn about right Royal ransomware rampage that runs the gamut of TTPs

Information

by Paul Ducklin The US Cybersecurity and Infrastructure Security Agency (CISA), which dubs itself “America’s Cyber Defense Agency”, has just put out a public service annoucement under its #StopRansomware banner. This report is numbered AA23-061a, and if you’ve slipped into the habit of assuming that ransomware is yesterday’s threat, or that other specific cyberattacks should be at the top of your list in 2023, then it is well worth reading. The risks you introduce by…

Read More
04 Mar

Today, CISA released a…

Attacks, Insights, Malware

Today, CISA released a Cybersecurity Advisory, CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks. This advisory describes a red team assessment of a large critical infrastructure organization with a mature cyber posture. CISA is releasing this Cybersecurity Advisory (CSA) detailing the red team’s tactics, techniques, and procedures (TTPs) and key findings to provide network defenders proactive steps to reduce the threat of similar activity from malicious cyber actors.     As…

Read More