News for August 12, 2022


Moxa NPort Flaws Patched
by Artie Kaye

Security flaws were recently discovered in Moxa’s NPort 5110 devices.  The company and CISA have issued statements on these vulnerabilities and advise patching as soon as possible.  One attack can take over the device, and the only way to regain control is to turn it off and on again manually.  This could be a problem if the device is not located somewhere convenient.  The other attack can corrupt data, which could make the device completely inoperable.  If you have any of these devices, please contact your support and get them updated.

The flaws are listed as CVE-2022-2043 and CVE-2022-2044.

https://www.moxa.com/en/support/product-support/security-advisory/nport5110-series-vulnerabilities

https://www.cisa.gov/uscert/ics/advisories/icsa-22-207-04

https://www.securityweek.com/moxa-nport-device-flaws-can-expose-critical-infrastructure-disruptive-attacks

https://www.scmagazine.com/brief/vulnerability-management/significant-disruption-likely-with-exploitation-of-moxa-nport-flaws

Shift In Malware Distribution
by Artie Kaye

Over the past few months Microsoft has rolled out various security features to help keep users from being caught unaware by malware, including one that prevents macros and links in downloaded files from being activated in Office.  Attackers have taken notice and shifted their strategy.  The way files are verified includes hidden attributes; depending on the values set, they stop the attacker’s desired outcome.  Because of this, attackers have taken to using archive files such as ISO or 7z to keep these flags off the files.  One method on the rise is the use of LNK files.  These are a common file type that can point to pretty much anywhere, but are usually used for local files.  Most LNK files are not suspicious, and you probably have hundreds on your machine right now, but the versions being sent out are designed to infect machines with malware.  Always check before opening anything you get as an attachment in an email.

https://www.proofpoint.com/us/blog/threat-insight/how-threat-actors-are-adapting-post-macro-world

https://thehackernews.com/2022/07/hackers-opting-new-attack-methods-after.html