https://threatpost.com/nsa-urgent-warning-industrial-cyberattacks-triconex/157723/

Batten down the hatches.

"The U.S. National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued an alert warning that adversaries could be targeting critical infrastructure across the U.S.

Separately, ICS-CERT issued an advisory on a critical security bug in the Schneider Electric Triconex TriStation and Tricon Communication Module. These safety instrumented system (SIS) controllers are responsible for shutting down plant operations in the event of a problem and act as an automated safety defense for industrial facilities, designed to prevent equipment failure and catastrophic incidents such as explosions or fire. They’ve been targeted in the past, in the TRITON attack of 2017."

>>10065498

The new crop of bugs impact TriStation 1131, v1.0.0 to v4.9.0, v4.10.0, and 4.12.0, operating on Windows NT, Windows XP or Windows 7; and Tricon Communications Module (TCM) Models 4351, 4352, 4351A/B, and 4352A/B installed in Tricon v10.0 to v10.5.3 systems. Current and more recent versions are not exposed to these specific vulnerabilities – but many ICS installations are still running legacy versions.

The critical bug (CVE-2020-7491) is an improper access control flaw: “A legacy debug port account in TCMs installed in Tricon system Versions 10.2.0 through 10.5.3 is visible on the network and could allow inappropriate access.”

There are also four, less-severe issues. The bug tracked as CVE-2020-7484 (severity rating of 7.5) allows uncontrolled resource consumption, according to ICS-CERT: “A vulnerability related to the password feature in TriStation 1131 Versions 1.0 through 4.12.0 could allow a denial-of-service attack if the user is not following documented guidelines pertaining to dedicated TriStation 1131 connection and key-switch protection.”

Meanwhile, an uncontrolled resource consumption bug (CVE-2020-7486), also with a CvSS score of 7.5, could cause TCMs installed in Tricon system Versions 10.0.0 through 10.4.x to reset when under high network load. This reset could result in a denial of service behavior with the SIS.

Another bug (CVE-2020-7485) is a hidden-functionality issue, severity rating of 5.5: “A vulnerability related to a legacy support account in TriStation 1131 versions 1.0 through 4.9.0 and 4.10.0 could allow inappropriate access to the TriStation 1131 project file.”

And finally, CVE-2020-7483 (severity rating of 5.3) allows cleartext transmission of sensitive information. “A vulnerability related to the “password” feature in TriStation 1131 Versions 1.0 through 4.12.0 could cause certain data to be visible on the network when the feature was enabled,” according to the advisory.

https://www.justice.gov/opa/pr/singaporean-national-pleads-guilty-acting-united-states-illegal-agent-chinese-intelligence

“At the direction of Chinese intelligence operatives, the defendant targeted U.S. government employees and an Army officer to obtain information for the government of China. Mr. Yeo admits he set up a fake consulting company to further his scheme, looked for susceptible individuals who were vulnerable to recruitment, and tried to avoid detection by U.S. authorities,” said Alan E. Kohler Jr., Assistant Director of the FBI's Counterintelligence Division. “But this isn't just about this particular defendant. This case is yet another reminder that China is relentless in its pursuit of U.S. technology and policy information in order to advance its own interests. The FBI and our partners will be just as aggressive in uncovering these hidden efforts and charging individuals who break our laws.”

Faulkner didn't like what she was looking at.

https://twitter.com/Breaking911/status/1286718463319441408

>>10066081

https://tgstat.com/channel/@CIG_telegram

/CIG/ presents viewers a controversial blend of ultraright genopolitics with geopolitics. This includes an expośe on current news, history and social matters along with the public enlightenment gained from völkisch aesthetics.

>>10066179