What fools these mortals be: ‘Shakespearean’ hackers hit Azerbaijani government and energy sectors

A mysterious set of hackers has in recent months launched data-stealing attacks against Azerbaijan government officials and companies in the country’s wind industry, researchers from Cisco Talos said Thursday. The attackers are using a new hacking tool, whose code is littered with references to English playwright William Shakespeare, to try to gain remote access to target computers and exfiltrate data automatically. The allusion to Shakespeare is an enigma, as is the culprit. What is clear is that Azerbaijan faced a concerted effort to steal data from sensitive assets in and out of government. The hackers mimicked the Azerbaijani government’s email infrastructure in a likely attempt to pluck login credentials from officials. “The actor monitored specific directories, signaling they wanted to exfiltrate certain information on the victims,” Talos researchers said in a blog post. The hackers have also shown an “interest” in the control systems, known as Supervisory Control and Data Acquisition (SCADA) systems, used in […]

The post What fools these mortals be: ‘Shakespearean’ hackers hit Azerbaijani government and energy sectors appeared first on CyberScoop.

New Ransomware Targets Industrial Control Systems

EKANS is a new ransomware that targets industrial control systems: But EKANS also uses another trick to ratchet up the pain: It’s designed to terminate 64 different software processes on victim computers, including many that are specific to industrial control systems. That allows it to then encrypt the data that those control system programs interact with. While crude compared to…

Iranian Attacks on Industrial Control Systems

New details: At the CyberwarCon conference in Arlington, Virginia, on Thursday, Microsoft security researcher Ned Moran plans to present new findings from the company’s threat intelligence group that show a shift in the activity of the Iranian hacker group APT33, also known by the names Holmium, Refined Kitten, or Elfin. Microsoft has watched the group carry out so-called password-spraying attacks…

How to Secure Critical Infrastructure When Patching Isn’t Possible

Mission-critical systems can’t just be switched off to apply security updates — so patching can take weeks if not years.

Robert M. Lee’s & Jeff Hass’ Little Bobby Comics, ‘Power Grid’

via the respected information security capabilities of Robert M. Lee & the superlative illustration talents of Jeff Hass at Little Bobby Comics.

U.S. Cyber Command simulated a seaport cyberattack to test digital readiness

When U.S. Cyber Command simulated a cyberattack against a seaport last month, military personnel hunted for adversaries who appeared to be using malware against a critical trade hub in an updated version of its annual exercises. The annual weeklong test, known as “Cyber Flag,” is meant to help cyber staffers better defend against critical infrastructure cyberattacks, military commanders involved in the exercise told reporters in a briefing Tuesday. By imitating a cyberattack that blocked the seaport’s ability to move cargo, potentially affecting international trade, military leaders tested their readiness for a real-world attack, and looked for ways to improve their response. The simulation also included officials from throughout the U.S. government and from allied partners to emphasize stronger coordination. “Cyber Flag is the command’s annual tactical exercise series that features teams working on keyboard against a live opposing force,” said Rear Adm. John Mauger, Cyber Command’s director of exercises and training. “The environment is really […]

The post U.S. Cyber Command simulated a seaport cyberattack to test digital readiness appeared first on CyberScoop.
