Month: March 2022

Original release date: March 31, 2022

CISA has released two Industrial Controls Systems Advisories (ICSAs) detailing vulnerabilities in Rockwell Automation products. An attacker could exploit these vulnerabilities to inject code on affected system. 
 
CISA encourages users and administrators to review ICSA-22-090-05: Rockwell Automation Logix Controllers and ICSA-22-090-07: Rockwell Automation Studio 5000 Logix Designer for more information and to apply the necessary mitigations and detection method.  

Original release date: March 31, 2022

The Federal Bureau of Investigation (FBI) has released a Private Industry Notification (PIN) to inform U.S. Government Facilities Sector partners of cyber actors conducting ransomware attacks on local government agencies that have resulted in disrupted operational services, risks to public safety, and financial losses.

CISA encourages local government officials and public service providers to review FBI PIN: Ransomware Attacks Straining Local U.S. Governments and Public Services and apply the recommended mitigations.
 

A bug in Honda is indicative of the sprawling car-attack surface that could give cyberattackers easy access to victims, as global use of ‘smart car tech’ and EVs surges.

QNAP is warning clients that a recently disclosed vulnerability affects most of its NAS devices, with no mitigation available while the vendor readies a patch.

The so-called ‘Spring4Shell’ bug has cropped up, so to speak, and could be lurking in literally millions of Java applications.

The active attacks could result in critical-infrastructure damage, business disruption, lateral movement and more.

The internet giant issued an update for the bug, which is found in the open-source V8 JavaScript engine.

Original release date: March 30, 2022

The Federal Bureau of Investigation (FBI) has released a Private Industry Notification (PIN) to warn U.S. election and other state and local government officials about invoice-themed phishing emails that could be used to harvest officials’ login credentials. 

CISA encourages federal, state, and local government officials to review FBI PIN: Cyber Actors Target U.S. Election Officials with Invoice-Themed Phishing Campaign to Harvest Credentials and apply the recommended mitigations.

Researchers have found three backdoors and four miners in attacks exploiting the Log4Shell vulnerability, some of which are still ongoing.

Original release date: March 29, 2022

CISA and the Department of Energy (DOE) are aware of threat actors gaining access to a variety of internet-connected uninterruptable power supply (UPS) devices, often through unchanged default usernames and passwords. Organizations can mitigate attacks against their UPS devices, which provide emergency power in a variety of applications when normal power sources are lost, by removing management interfaces from the internet.

Organizations can mitigate attacks against UPS devices by immediately removing management interfaces from the internet. Review CISA and DOE’s guidance on mitigating attacks against UPS devices for additional mitigations and information.