Home » Security Information

Security Information

This page is dedicated to security, it includes local security information, as well as a number of syndicated security feeds, alerts, tools and news from major security portals. This page aims to provide a single security information access point, helping you stay current with recent security threats. You can check the SG Security FAQ and visit the SG Security forum with any questions you might have.

SG Security Scan

SG Security Articles

Latest Security Advisories (US-CERT)

CISA released seventeen Industrial Control Systems (ICS) advisories on May 16, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

• ICSA-24-137-01 Siemens Parasolid
• ICSA-24-137-02 Siemens SICAM Products
• ICSA-24-137-03 Siemens Teamcenter Visualization and JT2Go
• ICSA-24-137-04 Siemens Polarion ALM
• ICSA-24-137-05 Siemens Simcenter Nastran
• ICSA-24-137-06 Siemens SIMATIC CN 4100 Before V3.0
• ICSA-24-137-07 Siemens SIMATIC RTLS Locating Manager
• ICSA-24-137-08 Siemens PS/IGES Parasolid Translator Component
• ICSA-24-137-09 Siemens Solid Edge
• ICSA-24-137-10 Siemens RUGGEDCOM CROSSBOW
• ICSA-24-137-11 Siemens RUGGEDCOM APE1808
• ICSA-24-137-12 Siemens Desigo Fire Safety UL and Cerberus PRO UL Fire Protection Systems
• ICSA-24-137-13 Siemens Industrial Products
• ICSA-24-137-14 Rockwell Automation FactoryTalk View SE
   
• ICSA-23-044-01 Mitsubishi Electric MELSEC iQ-R Series Safety CPU and SIL2 Process CPU (Update A)
• ICSA-24-074-14 Mitsubishi Electric MELSEC-Q/L Series (Update A)
   
• ICSMA-20-049-02 GE Healthcare Ultrasound Products (Update A)

CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations.

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

• CVE-2014-100005 D-Link DIR-600 Router Cross-Site Request Forgery (CSRF) Vulnerability
• CVE-2021-40655 D-Link DIR-605 Router Information Disclosure Vulnerability
• CVE-2024-4761 Google Chromium V8 Out-of-Bounds Memory Write Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

Cisco has released security updates to address vulnerabilities in Cisco software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

Users and administrators are encouraged to review the following advisories and apply necessary updates:
    Cisco Crosswork Network Services Orchestrator
    Cisco Crosswork Network Services Orchestrator Privilege Escalation
    ConfD CLI Privilege Escalation and Arbitrary File Read and Write
    Cisco Secure Client for Windows with Network Access Manager Module Privilege Escalation
    Cisco Crosswork Network Services Orchestrator Open Redirect
    Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Cross-Site Scripting
    Cisco Secure Email Gateway HTTP Response Splitting
    Cisco AppDynamics Network Visibility Service Denial of Service
 

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

• CVE-2024-30051 Microsoft DWM Core Library Privilege Escalation Vulnerability
• CVE-2024-30040 Microsoft Windows MSHTML Platform Security Feature Bypass Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

CISA, in partnership with the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI) and international partners, released Mitigating Cyber Threats with Limited Resources: Guidance for Civil Society. The joint guidance provides civil society organizations and individuals with recommended actions and mitigations to reduce the risk of cyber intrusions. Additionally, the guide encourages software manufactures to actively implement and publicly commit to Secure by Design practices that are necessary to help protect vulnerable and high-risk communities.

Civil society, comprised of organizations and individualssuch as nonprofit, advocacy, cultural, faith-based, academic, think tanks, journalist, dissident, and diaspora organizations, communities involved in defending human rights and advancing democracyare considered high-risk communities. Often these organizations and their employees are targeted by state-sponsored threat actors who seek to undermine democratic values and interests.  

CISA and partners encourage civil society organizations and software manufacturers to review and implement the mitigations and practices in the joint guide to mitigate the threat posed by malicious cyber actors to civil society organizations. To learn more about secure by design principles and practices,visit CISAs Secure by Design webpage. For more on protecting civil society, visit CISAs Cybersecurity Resources for High-Risk Communities webpage. 

CISA released four Industrial Control Systems (ICS) advisories on May 14, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

• ICSA-24-135-01 Rockwell Automation FactoryTalk Remote Access
• ICSA-24-135-02 SUBNET PowerSYSTEM Center
• ICSA-24-135-03 Johnson Controls Software House C-CURE 9000
• ICSA-24-135-04 Mitsubishi Electric Multiple FA Engineering Software Products

CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations.