Monday, June 12, 2017

ICS-CERT Publishes WannaCry Update (#9)

Today the DHS ICS-CERT published their first WannaCry update in almost two weeks. The last update was published on May 31st for the alert that was originally published on May 15th, 2017. The update includes a link to new vendor information and a link to the update in the STYX format, a machine readable format for sharing cyber threat information.

The new vendor information comes from Johnson & Johnson. The Update provides a link to a new ‘Security Advisories’ page which contains links to two product advisories; Certus®140 System, and Carto®3 System. No really new information is available in either document.

ICS-CERT kept the original Johnson & Johnson link in the Update. Unfortunately, that link now has nothing to do with WannaCry. All mention was removed leaving it just a generic cybersecurity disclosure reporting page. That link probably should have been removed from the Update.

ICS-CERT did miss reporting on Siemens WannaCry updates for a number of their products, including (thanks to the Siemens ProductCERT for their tweets):

Ultrasound products, published June 1st;
Mammography products, published June 1st;
Multimodality Workplace products, published June 1st;
Siemens Healthineer products, published June 1st; and
Advanced Therapy products, published June 9th.

These were just mainly product update reporting.

BTW: I half expected to see an ICS-CERT alert on CrashOverride today since US-CERT came out with their alert today. I’m still reading the Dragos paper but it sounds interesting. More to come, I’m sure.

No comments:

/* Use this with templates/template-twocol.html */