Trisis masterminds have hacked U.S. industrial firms, new research claims

A group known for infecting a Saudi petrochemical plant with highly sophisticated industrial control malware has targeted the same type of systems inside the United States, according to new research by ICS-focused cybersecurity startup Dragos. The group behind the malware, which Dragos refers to as “Xenotime,” has expanded its operations to include attacks on multiple undisclosed U.S. companies. The malware shows similarities to what’s commonly known as Trisis, which was used in an attack last year in Saudi Arabia. While Trisis exploited one particular industrial control system, researchers say a new variant impacts a variety of safety instrumented systems. Safety instrumented systems, or SIS for short, are hardware and software controls that protect large-scale industrial processes and equipment typically found in nuclear, petrochemical or manufacturing plants. There are few companies that create and manage SIS systems, including but not limited to St. Louis-based Emerson, New Jersey-based Honeywell, and Tokyo-based Yokogawa. Dragos has […]

The post Trisis masterminds have hacked U.S. industrial firms, new research claims appeared first on Cyberscoop.

Insecure SCADA Systems Blamed in Rash of Pipeline Data Network Attacks

After a cyberattack shut down numerous pipeline communication networks this week, experts are stressing the importance of securing third-party systems in supervisory control and data acquisition (SCADA) environments.

At Your Own Risk: Managing Internet of Things (IoT) Risks for Industrial and Utility Companies

A new IBM Institute of Business Value (IBV) report found that many energy and utilities companies are unprepared to deal with Internet of Things (IoT) threats.

The post At Your Own Risk: Managing Internet of Things (IoT) Risks for Industrial and Utility Companies appeared first on Security Intelligence.

Water Utility Infected by Cryptocurrency Mining Software

A water utility in Europe has been infected by cryptocurrency mining software. This is a relatively new attack: hackers compromise computers and force them to mine cryptocurrency for them. This is the first time I’ve seen it infect SCADA systems, though. It seems that this mining software is benign, and doesn’t affect the performance of the hacked computer. (A smart…

Schneider Electric: Trisis leveraged zero-day flaw, used a RAT

Multinational energy technology company Schneider Electric revealed new details Thursday about a historic breach where hackers were able to halt operations at an energy plant in the Middle East by deploying highly sophisticated malware. The latest revelations, which were publicly announced at an industrial control systems cybersecurity conference, show that Trisis leveraged a zero-day vulnerability in Schneider Electric’s Triconex Tricon safety-controller firmware. The vulnerability allowed for privilege escalation, which would allow hackers to manipulate emergency shutdown systems during a targeted attack. In addition, there was a remote access trojan (RAT) within Trisis, providing attackers with a wide array of options, including the ability to turn off industrial equipment or sabotage the safety controllers in order to create unsafe conditions. The RAT is the first designed to specifically impact safety-instrumented systems, allowing for someone to access the highest privileges available on a targeted machine. In this case, the RAT was injected directly into […]

The post Schneider Electric: Trisis leveraged zero-day flaw, used a RAT appeared first on Cyberscoop.