Using B&R Automation's SiteManager and GateManager or MB Connect Line's mbCONNECT24?
Do this: Make sure to update to the latest version. Additionally, reduce the network exposure for all control system devices by segmenting and isolating control system networks and remote devices from the general business network.
Why:"Cybersecurity researchers have found critical security flaws in two popular industrial remote access systems that can be exploited to ban access to industrial production floors, hack into company networks, tamper with data, and even steal sensitive business secrets."
Additional Info:https://thehackernews.com/2020/10/industrial-remote-access.html
New Exploit Code for Microsoft Exchange Server Included Within Metasploit
Do this: Apply the latest Microsoft Exchange Server security updates.
Why: While the vulnerability has been around since early September, exploit code has recently been added to Metasploit. If successful, an attacker could execute remote code in the context of the SYSTEM user.
Additional Info: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16875
Planning to Vote?
Do this: Watch out for Voter Registration “Error” Phishing campaigns.
Why: Bad actors are at it again and the latest topic is the election. Keep an eye out for emails that claim there is an error in your registration details. They are hunting for your SSN, DL Number, and other PII to be used in identity theft.
Additional Info: P.S. It’s not just identity theft, there is an uptick in malware (Emotet) delivery associated with political emails as well. https://www.proofpoint.com/us/blog/threat-insight/emotet-makes-timely-adoption-political-and-elections-lures
Send Us Your Comments
What did you think of this article? Send us a note to let us know what you liked, would like to see more of, or what we can do better. And don't be surprised if we reach back out with a small 'thank you' gift for your feedback.
