CISA Updates Toolkit to Promote Public Safety Communications and Cyber Resiliency


October 17, 2023: The Cybersecurity and Infrastructure Security Agency (CISA) collaborates with public safety, national security, and emergency preparedness communities to enhance seamless and secure communications to keep America safe, secure, and resilient. Any interruption in communications can have a cascading effect, impacting a public safety agency’s ability to deliver critical lifesaving services to the community.


CISA Releases Two Industrial Control Systems Advisories


CISA released two Industrial Control Systems (ICS) advisories on October 17, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

  • ICSA-23-290-01 Schneider Electric EcoStruxure Power Monitoring Expert and Power Operation Products
  • ICSA-23-290-02 Rockwell Automation FactoryTalk Linx

CISA encourages users and administrators to review the newly released ICS advisories for


ICS Advisory: Rockwell Automation FactoryTalk Linx


1. EXECUTIVE SUMMARY

  • CVSS v3 8.2
  • ATTENTION: Exploitable remotely/low attack complexity
  • Vendor: Rockwell Automation
  • Equipment: FactoryTalk Linx
  • Vulnerability: Improper Input Validation

2. RISK EVALUATION

Successful exploitation of this vulnerability could lead to information disclosure or a denial-of-service condition.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

The following versions of Rockwell products are affected: FactoryTalk


ICS Advisory: Schneider Electric EcoStruxure Power Monitoring Expert and Power Operation Products


1. EXECUTIVE SUMMARY

  • CVSS v3 9.8
  • ATTENTION: Exploitable remotely/low attack complexity
  • Vendor: Schneider Electric
  • Equipment: EcoStruxure Power Monitoring Expert, EcoStruxure Power Operation with Advanced Reports, EcoStruxure Power SCADA Operation with Advanced Reports
  • Vulnerability: Deserialization of Untrusted Data

2. RISK EVALUATION

Successful exploitation of this vulnerability could allow an attacker to achieve remote code


CISA, NSA, FBI, and International Partners Release Updated Secure by Design Guidance


Today, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) released an update to Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Security-by-Design and -Default with the following international partners:

  • Australian Cyber Security Centre (ACSC)
  • Canadian Centre for Cyber Security (CCCS)
  • United Kingdom’s National
