
How an Intrusion Detection System Can Ensure End-User Security

15 May 2024 at 04:00

It’s never been more important for businesses to invest in the best security measures available to them. Hackers and cybercriminals are constantly attempting to attack organizations and access their data. What’s more, cyber attacks are becoming increasingly sophisticated and new threats are constantly emerging.  So, it’s vital that businesses stay up-to-date with security measures to […]

The post How an Intrusion Detection System Can Ensure End-User Security appeared first on TuxCare.

The post How an Intrusion Detection System Can Ensure End-User Security appeared first on Security Boulevard.

Solar Storm Disrupts Some Farmers’ GPS Systems

13 May 2024 at 11:38
The storm interfered with navigational systems used in tractors and other farming equipment, leaving some farmers temporarily unable to plant their crops.

© Tiffany Graham

A tractor at O’Connor Family Farms near Blooming Prairie, Minn.

Empowering Cyber Asset Management with IT Asset Discovery: Noetic Cyber™ Teams Up with Lansweeper

10 May 2024 at 10:23

To get the visibility and insights they need into their cyber estate, security teams must have the most up-to-date asset information, as well as a simple way to discover new assets that exist on networks and in different cloud accounts. To simplify this process for our customers, Noetic has developed a new integration with Lansweeper, […]

The post Empowering Cyber Asset Management with IT Asset Discovery: Noetic Cyber™ Teams Up with Lansweeper appeared first on Security Boulevard.

The CyberPower UPS Vulnerability Threatening Critical Systems Across Sectors


A new UPS management vulnerability in CyberPower Uninterrupted Power Supply (UPS) management software has been uncovered, revealing multiple flaws that have serious implications for the security of vital systems across various sectors. The utilization of UPS management software spans a wide array of sectors, ranging from data centers to healthcare facilities and government agencies. Its role in maintaining uninterrupted operations is crucial, making any vulnerability in such software a matter of utmost concern.

Understanding the CyberPower UPS Management Vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA), a key entity responsible for safeguarding critical infrastructure in the United States, has issued alerts highlighting the increased interest of hacktivist groups in targeting internet-exposed Industrial Control Systems (ICS) devices. Cyble Research and Intelligence Labs (CRIL) also shared an elaborate report on the rise of hackers exploiting UPS management systems to target unsuspecting victims.
“CRIL researchers speculate that threat actors could soon leverage the critical vulnerabilities disclosed in PowerPanel in upcoming campaigns. With the potential for exploitation looming, urgent attention to patching and mitigation measures is imperative to preemptively thwart any attempts to exploit these weaknesses”, said CRIL.
The official report on this CyberPower UPS vulnerability details critical information about the flaw and the mitigation strategies, including applying the latest patch updates across multiple devices.

PowerPanel is UPS management software designed to offer advanced power management capabilities for various critical systems such as Uninterrupted Power Supply, Power Distribution Units, and Automatic Transfer Switches. Its features include real-time monitoring, remote management, event logging, automatic shutdown, and energy management, among others, providing organizations with the tools needed to ensure continuous power availability and optimize energy usage.

Overview of the UPS Management Vulnerability

The disclosed vulnerabilities in PowerPanel Business Software, version 4.9.0 and prior, present a technical risk to system integrity and security. These vulnerabilities range from the use of hard-coded passwords and credentials to active debug code and SQL injection flaws. Exploitation of these vulnerabilities could potentially allow attackers to bypass authentication, gain administrator privileges, execute arbitrary code, and compromise sensitive data.

Past incidents involving cyberattacks on UPS systems highlight the potential consequences of such vulnerabilities. Groups like GhostSec and TeamOneFist have targeted UPS systems in various campaigns, demonstrating the disruptive capabilities of such attacks. While the impact of these incidents may vary, the direct access to UPS systems by attackers remains a critical concern.

Addressing the vulnerabilities in PowerPanel Business Software requires a proactive approach, including timely patching and implementation of mitigation measures. Organizations are advised to implement robust patch management strategies, conduct regular security audits and penetration testing, and enhance user awareness. Additionally, measures such as network segmentation and the use of Multi-Factor Authentication (MFA) can help bolster defenses against potential attacks.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.

Play Ransomware Group Claims Responsibility for Disrupting Kansas City Scout System

By: Alan J
7 May 2024 at 04:21


The Play ransomware group has claimed responsibility for an attack on the Kansas City Scout System which forced its staff to take immediate protective action by shutting down all systems. The Kansas City Scout System provides real-time weather and traffic updates to drivers along roads and highways in Kansas City. This system, managed jointly by the Departments of Transportation in Missouri and Kansas, suffered a significant setback during a weekend of severe storms. While the details of the attack are unknown, the Play ransomware gang later appeared to claim responsibility for the attack. The shutdown affected the service's dynamic information boards, the official website, and the real-time camera system.

Kansas City Scout System Systems Shut Down

Local news outlets posted images of blank screens along the Kansas City highways, highlighting the system's outage. The organization later confirmed through social media that a cyberattack had caused the disruption. Although specific details regarding the attack were not disclosed, the IT team took preemptive measures by shutting down all systems.

The Kansas City Scout staff stated on its official X.com (Twitter) account that restoration efforts were underway, but that it was too early to provide a rough estimate of full availability and that full restoration could possibly take months. The staff requested patience from partners and the public as they work to restore the systems.

The Play Ransomware group listed the Kansas City Scout System as a victim on its official leak site today, giving about 6 days before publication of allegedly compromised data. No samples or further details were provided, making it difficult to confirm the group's involvement in the attack. While the Play Ransomware group has claimed responsibility for the cyberattack on the Kansas City Scout System, it remains unconfirmed whether they actually conducted the attack or are merely claiming responsibility to attract attention. Official confirmation of the hacker collective responsible for the attack is yet to be provided.

Attack coincided with severe weather conditions in the area

This attack coincided with severe weather conditions in the area, including tornadoes that claimed four lives. Trooper Tiffany Baylark from the Kansas Highway Patrol expressed concerns about the inability to communicate severe weather warnings or watches to drivers due to the outage. The inaccessibility of the system's official website further complicated the situation amidst the severe weather forecast.

Melissa Black, a spokeswoman for the Missouri Department of Transportation’s Kansas City District, advised the public to seek Missouri traffic information via MoDOT.org or by calling 888-275-6636. Similarly, Kansas information could be obtained through KanDrive.gov or by calling 511. Officials stated that immediate and critical traffic information impacting the KC metro area would be shared through these sites. Limited information about the traffic and weather situation could be accessed via the toll-free number.

Microsoft plans to lock down Windows DNS like never before. Here’s how.

3 May 2024 at 19:42

Translating human-readable domain names into numerical IP addresses has long been fraught with gaping security risks. After all, lookups are rarely end-to-end encrypted. The servers providing domain name lookups provide translations for virtually any IP address—even when they’re known to be malicious. And many end-user devices can easily be configured to stop using authorized lookup servers and instead use malicious ones.

Microsoft on Friday provided a peek at a comprehensive framework that aims to sort out the Domain Name System (DNS) mess so that it’s better locked down inside Windows networks. It’s called ZTDNS (zero trust DNS). Its two main features are (1) encrypted and cryptographically authenticated connections between end-user clients and DNS servers and (2) the ability for administrators to tightly restrict the domains these servers will resolve.

Clearing the minefield

One of the reasons DNS has been such a security minefield is that these two features can be mutually exclusive. Adding cryptographic authentication and encryption to DNS often obscures the visibility admins need to prevent user devices from connecting to malicious domains or detect anomalous behavior inside a network. As a result, DNS traffic is either sent in clear text or it's encrypted in a way that allows admins to decrypt it in transit through what is essentially an adversary-in-the-middle attack.


Eta Aquarid Meteor Shower 2024: Peak Time and How to Watch

2 May 2024 at 12:06
The event will be active when the moon is just a sliver in the sky, but it is less easy to see in the Northern Hemisphere than other meteor showers.

© W. Liller/NASA

Halley’s comet over Easter Island in 1986. The Eta Aquarids meteor shower is the result of debris from Halley’s tail.

Killer Asteroid Hunters Spot 27,500 Overlooked Space Rocks

30 April 2024 at 09:00
With the help of Google Cloud, scientists churned through hundreds of thousands of images of the night sky to reveal that the solar system is filled with unseen objects.

© B612 Asteroid Institute/University of Washington DiRAC Institute/OpenSpace Project

An algorithm and cloud computing identified overlooked space rocks. Most, in green, are in the main asteroid belt between Mars and Jupiter, but other items in orange share Jupiter’s orbit, and items in light blue are closer to Earth.
