Insider Threat: Tackling the Complex Challenges of the Enemy Within

The insider threat problem will worsen, and the solutions will widen, in the age of generative AI.


SecurityWeek

Scammers Impersonate Authorities to Swipe OTPs with Remote Access Apps

Cybersecurity researchers at Group-IB have discovered a sophisticated refund scam where scammers are using remote access tools…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News

CISA Releases Two New Industrial Control Systems Advisories for 2025


Overview 

The Cybersecurity and Infrastructure Security Agency (CISA) released two critical Industrial Control Systems (ICS) advisories. These advisories, ICSA-25-007-01 and ICSA-25-007-02, aim to inform users and administrators about vulnerabilities in key ICS products. The goal is to mitigate potential risks to vital infrastructure sectors by highlighting existing security weaknesses that could be exploited by cyber attackers.

ICSA-25-007-01: ABB ASPECT-Enterprise, NEXUS, and MATRIX Series Products 

The first advisory, ICSA-25-007-01, addresses multiple vulnerabilities within ABB’s ASPECT-Enterprise, NEXUS, and MATRIX series products. ABB, a leading provider of industrial automation and control systems, has reported numerous security flaws that could severely impact system integrity. These vulnerabilities range from weak passwords to critical code injection weaknesses, and they pose a significant risk to critical manufacturing sectors. 

Key Vulnerabilities 

Several vulnerabilities have been identified within ABB’s products, which include: 

  • Files or Directories Accessible to External Parties (CVE-2024-6209) 

  • Improper Validation of Specified Type of Input (CVE-2024-6298) 

  • Cleartext Transmission of Sensitive Information (CVE-2024-6515) 

  • Cross-site Scripting (XSS) (CVE-2024-6516) 

  • Server-Side Request Forgery (SSRF) (CVE-2024-6784) 

  • Code Injection (CVE-2024-48839) 

  • Weak Password Requirements (CVE-2024-48845) 

  • Unrestricted Upload of Dangerous Files (CVE-2024-51548) 

The most severe vulnerabilities carry a CVSS v3 score of 10.0, indicating they are highly exploitable and could lead to remote code execution, unauthorized access, or denial of service (DoS). These vulnerabilities were present across multiple versions of ABB products, including ASPECT-Enterprise (ASP-ENT-x), NEXUS Series (NEX-2x), and MATRIX Series (MAT-x), with affected versions prior to 3.08.02. 

Affected Products 

The following products are affected by these vulnerabilities: 

  • ABB ASPECT-Enterprise (ASP-ENT-x <= 3.08.02) 

  • ABB NEXUS Series (NEX-2x, NEXUS-3-x) 

  • ABB MATRIX Series (MAT-x) 

These products are deployed worldwide and are critical to operations in sectors like critical manufacturing. The vulnerabilities affect systems in both industrial and commercial environments, making them a high priority for cybersecurity professionals.

Mitigations 

ABB has recommended users upgrade their systems to version 3.08.02 or later, which resolves many of these issues. Additionally, users are urged to apply security patches and adopt stronger password policies to mitigate the risk of unauthorized access. 

CISA’s advisory highlights that these vulnerabilities could be exploited remotely, with low complexity and without requiring direct access to the devices. Exploits could allow attackers to execute arbitrary code, gain unauthorized access to sensitive data, or disrupt operations. Thus, the ICSA-25-007-01 advisory serves as a critical call to action for administrators to update their systems and implement security best practices immediately. 

ICSA-25-007-02: Nedap Librix Ecoreader 

The second advisory, ICSA-25-007-02, addresses vulnerabilities in the Nedap Librix Ecoreader. Nedap is a well-known provider of RFID solutions, and the Ecoreader is used in access control and inventory management. The advisory highlights several flaws in the system that could expose sensitive data and allow attackers to manipulate access controls. 

While the ICSA-25-007-02 advisory lacks the extensive list of vulnerabilities that appear in the ABB advisory, it still outlines critical risks, particularly in environments where physical security and data integrity are paramount. 

Conclusion  

The release of CISA’s ICS advisories, ICSA-25-007-01 and ICSA-25-007-02, highlights the critical need for prompt action to secure industrial control systems against emerging cyber threats. These advisories identify vulnerabilities in ABB’s and Nedap’s products that could compromise ICS integrity, leading to operational disruptions and data breaches.  

With cyberattacks on infrastructure becoming more sophisticated, organizations must prioritize security updates and proactive measures. Cybersecurity experts like Cyble can help organizations better defend against cyber threats, ensuring the protection of critical infrastructure and operations. 


Blog – Cyble

Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks

A Mirai botnet variant has been found exploiting a newly disclosed security flaw impacting Four-Faith industrial routers since early November 2024 with the goal of conducting distributed denial-of-service (DDoS) attacks.
The botnet maintains approximately 15,000 daily active IP addresses, with the infections primarily scattered across China, Iran, Russia, Turkey, and the United States.

The Hacker News

Chrome 131, Firefox 134 Updates Patch High-Severity Vulnerabilities

Chrome and Firefox updates released this week resolve high-severity vulnerabilities in the two popular browsers.


SecurityWeek

The Commonwealth Cyber Security Posture 2024: A Deep Dive into Australia’s Cyber Defense Measures


Overview 

The Australian Government has shared its latest report on Commonwealth cyber security. The Commonwealth Cyber Security Posture in 2024 report provides an essential update on the measures and progress related to cyber security across Australian Government entities. Tabled before the Australian Parliament, the report is a key tool for understanding the implementation and effectiveness of cyber security protocols for the 2023–24 financial year. As part of the government’s ongoing efforts to protect national security, public trust, and the economy, the Commonwealth Cyber Security Posture in 2024 highlights areas of improvement, challenges, and recommendations for enhancing Australia’s cyber defenses.

According to the report, the Australian Government consists of 100 non-corporate Commonwealth entities (NCEs), 74 corporate Commonwealth entities (CCEs), and 16 Commonwealth companies (CCs), for a total of 190 government entities as of June 30, 2024. The report draws from the Australian Signals Directorate’s (ASD) Cyber Security Survey for Commonwealth Entities, which revealed an impressive 94% participation rate in 2024, the highest to date. This marks an important step towards understanding and mitigating cyber security risks across Australian Government entities.

Cyber security is assessed in the report using three primary criteria: 

  1. Cyber Security Hardening: The implementation of technical mitigations to reduce the likelihood of system compromises.

  2. Incident Preparedness and Response: The readiness and actions of entities when a cyber incident occurs.

  3. Leadership and Planning: The involvement of leadership in fostering a strong cyber security culture and ensuring the overall security of systems.

Key Findings of the Commonwealth Cyber Security Posture in 2024 

The report illustrates that while substantial progress has been made, there are areas in need of improvement. One notable concern is the declining number of entities meeting Maturity Level 2 across the Essential Eight mitigation strategies. In 2024, only 15% of entities reached Maturity Level 2—a decrease from 25% in 2023.  

The Essential Eight strategies, a set of cyber security practices developed by ASD, aim to reduce vulnerabilities and enhance cyber resilience across government systems. These strategies form the backbone of the Commonwealth Cyber Security Posture in 2024, and their implementation is a crucial factor in assessing the security posture of government agencies. 

Despite this decline, there are encouraging signs of progress in certain areas. In 2024, 75% of entities had a cyber security strategy in place, an increase from 73% in 2023. Moreover, 86% of entities had incorporated cyber security disruptions into their business continuity and disaster recovery plans, a notable improvement from 83% in the previous year. These strategies are crucial for maintaining continuity of government services, ensuring that cyber threats do not derail essential functions. 

Another positive development is that 88% of entities had a planned body of work to improve their cyber security, with 82% of these plans being funded. This reflects a proactive stance toward addressing vulnerabilities and strengthening security defenses. Furthermore, 86% of entities now have an incident response plan in place, an increase from 82% in 2023, signaling better preparedness to handle cyber threats when they arise. 

Training and Workforce Development 

The role of training and awareness in strengthening the Commonwealth Cyber Security Posture is also highlighted in the report. In 2024, 78% of government entities provided annual cyber security training to their workforce, maintaining the same percentage as in 2023. More encouragingly, the provision of privileged user training increased, with 51% of entities offering this specialized training, up from 39% in 2023. This reflects the growing recognition of the critical need to educate personnel about advanced threats, such as phishing and unauthorized access attempts, which remain prevalent across government networks.

The presence of legacy IT systems remains a persistent challenge for the Commonwealth Cyber Security Posture. These outdated systems pose cyber security risks due to their vulnerability to modern cyberattacks. In April 2024, ASD published guidance on managing the risks of legacy IT, offering low-cost mitigations to help entities manage these risks alongside their current cyber security strategies. 

Cyber Security Incident Reporting and Supply Chain Risk

Despite the improvements in cyber security governance, there are still gaps in incident reporting. Only 32% of entities reported at least half of the cyber security incidents observed on their networks to ASD. This highlights a critical area for further improvement, as comprehensive incident reporting is important for identifying online threats and improving national cyber security resilience. 

Supply chain risks also remain an important concern. In 2024, 74% of entities conducted supply chain risk assessments for applications, ICT equipment, and services, underscoring the importance of evaluating the security of third-party services and software that could pose risks to government systems. 

Addressing the Commonwealth Cyber Security Posture Going Forward 

To enhance Australia’s cyber security defenses, the report recommends that entities: 

  1. Continue to implement the Essential Eight strategies across their networks to reach at least Maturity Level 2.

  2. Increase cyber security incident reporting and share cyber threat information with ASD to improve overall situational awareness.

  3. Implement strategies for managing legacy IT, ensuring that both old and new systems are protected against cyber threats.

  4. Maintain incident response plans and conduct exercises at least every two years to ensure readiness.

These recommendations are vital for building a more resilient Commonwealth Cyber Security Posture, ensuring that Australian Government entities are well-prepared to respond to online threats.

Conclusion  

The Commonwealth Cyber Security Posture in 2024 highlights both the progress and challenges in strengthening Australia’s cyber security defenses. The Essential Eight mitigation strategies continue to play an important role in reducing vulnerabilities and enhancing the resilience of government ICT systems. With updates to these strategies addressing cyber threats, the Australian Signals Directorate (ASD) remains at the forefront of protecting against increasingly sophisticated cyber adversaries.  

While strides have been made, ongoing vigilance, collaboration, and the continuous refinement of cyber security practices are crucial for protecting Australia’s critical infrastructure. Moving forward, the nation’s commitment to improving incident response, workforce training, and adopting best practices will be vital in overcoming the growing complexities of cyber threats, ensuring a secure and resilient digital future.


Blog – Cyble

First Android Update of 2025 Patches Critical Code Execution Vulnerabilities

This year’s first batch of monthly security updates for Android resolves 36 vulnerabilities, including critical remote code execution flaws.


SecurityWeek

FCC Launches ‘Cyber Trust Mark’ for IoT Devices to Certify Security Compliance

The U.S. government on Tuesday announced the launch of the U.S. Cyber Trust Mark, a new cybersecurity safety label for Internet-of-Things (IoT) consumer devices.
“IoT products can be susceptible to a range of security vulnerabilities,” the U.S. Federal Communications Commission (FCC) said. “Under this program, qualifying consumer smart products that meet robust cybersecurity standards will bear

The Hacker News

Millions of Email Servers Exposed Due to Missing TLS Encryption

Millions of email servers worldwide remain alarmingly vulnerable to cyberattacks due to a critical security oversight: the absence of Transport Layer Security (TLS) encryption.

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News

Critical Vulnerabilities in Moxa Routers Allow Root Privilege Escalation

Critical security vulnerabilities have been found in Moxa cellular routers and network security appliances. Learn about CVE-2024-9138 &…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News