October 17, SecurityWeek – (International) Siemens patches flaws in SIMATIC, license manager products. Siemens released software updates addressing several vulnerabilities in its SIMATIC and Automation License Manager (ALM) products after Kaspersky Lab researchers discovered ALM was plagued with a critical path traversal issue that could allow a remote attacker to upload files to the disk, create and remove files, or move existing files via specially crafted packets, as well as a denial-of-service (DoS) flaw, and a Structured Query Language (SQL) injection flaw. Siemens also patched two low severity issues in its SIMATIC STEP 7 engineering software after Positive Technologies researchers found the flaws can be exploited by a local attacker to access sensitive information and to brute-force pre-shared keys that protect device-to-device communications. Source
October 16, Softpedia – (International) Locky ransomware accounted for 97 percent of all malicious email attachments. Proofpoint released its Quarterly Threat Summary for quarter 3 (Q3) 2016, which reported that the Locky ransomware was found in 96.8 percent of all malicious spam email attachments and typically manifests itself as a ZIP file with a JavaScript file inside, Microsoft Office documents with malicious macro scripts, Hypertext Markup Language Application (HTA) files, or Microsoft Windows Script Files (WSF). The report also stated that banking trojans continue to be a pervasive threat, while exploit kit (EK) activity has decreased 65 percent since Q2. Source
Above Reprinted from the USDHS Daily Open Source Infrastructure Report