The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued four advisories about security issues, vulnerabilities and exploits affecting industrial control systems (ICS). The advisories highlight hardware vulnerabilities in specific systems and advises users and administrators to review for technical details and mitigation steps. Vulnerabilities include the potential acquiring of read-only access, ability to run arbitrary SQL queries, modify and delete sensitive data, shut down databases, and access patient details in related software.

FIN7 Deploys Anubis Backdoor to Hijack Windows Systems via Compromised SharePoint Sites
The Russian cybercrime group FIN7 is linked to a Python-based backdoor named Anubis, providing them remote access to compromised Windows systems, says Swiss cybersecurity firm