Rapid SCADA Vulnerabilities Leaves Industrial Systems at Risk
The Cybersecurity Infrastructure and Security Agency (CISA) released an advisory directed to industrial organizations on seven vulnerabilities for the open-source automation platform, Rapid SCADA, discovered by Claroty.
The seven Rapid SCADA vulnerabilities could be used to exfiltrate sensitive information, remotely execute arbitrary code, and breach critical IT systems. The Rapid SCADA vulnerabilities as of this writing were not yet patched.
Cybersecurity Experts Question ‘Cyber Scam Warning’ Effectiveness
The concern of official cyber scam warnings potentially being ineffective was raised by cybersecurity firms, Praxis Labs, eSentire, stemming from Dubai and Ghana cyber and law enforcement agency reports.
After multiple cyber scam warnings issued by the Dubai Police and the Cyber Security Authority of Ghana, reports of victims continuously poured in for these “search engine scams”. Following the incidents, researchers at Praxis Labs and eSentire released statements on human behavior corresponding to cyber, by being on “default mode” and for search engines, the issuance of “implicit trust”.
TeamViewer Again Used by Ransomware Groups
After waves of TeamViewer ransomware attack usage in the mid-2010s, a new wave of ransomware attacks illicitly use the remote-access tool, as observed by Huntress.
Despite TeamViewer’s implementation of zero-trust security, a new wave of ransomware attacks using TeamViewer are seen to employ older hacking tactics, using credential theft to gain access to computer systems, and deploy ransomware.
