Browsing Category: Hacks

scada

BlackEnergy Malware Used in Attacks Against Industrial Control Systems

Attackers are using BlackEnergy malware to attack HMI software running inside industrial control systems, according to an advisory from ICS-CERT.

Read more...

IMG_1643

Cyberespionage: ‘This Isn’t a Problem That Can Be Solved’

WASHINGTON–Gentlemen may not read each other’s mail, as Henry Stimson famously said so long ago, but in today’s world they certainly steal it and there’s precious little in the way of gentlemanly conduct happening in the realm of cyberespionage. It’s every man—or country—for himself in this environment, and that free-for-all is creating unforeseen consequences for[...]

Read more...

IE 0day watering hole

Four Distinct Watering Hole Attacks Dropping ScanBox Keylogger

PwC has published research on four watering hole attacks likely carried out by different attackers, all connected by the ScanBox JavaScript-based reconnaissance tool.

Read more...

shutterstock_105196211

Russian APT28 Group Linked to NATO, Political Attacks

APT28, a Russian hacking group, has been tied to attacks against the country of Georgia, Eastern European political and military organizations, and NATO, a report from FireEye said.

Read more...

IMG_1625

Government, Industry Focusing on Issue of Resiliency

WASHINGTON–As things stand right now, the United States has no overarching national information security policy or centralized agency responsible for defending the government’s networks in the event of a serious cyberattack. There have been many pushes over the years to change that and put one agency or another at the head of the table, but[...]

Read more...

router_generic

NAT-PMP Protocol Vulnerability Puts 1.2 Million SOHO Routers At Risk

More than 1 million SOHO routers and embedded devices are vulnerable to a serious vulnerability in the NAT-PMP protocol that enables traffic hijacking and denial of service attacks.

Read more...

webloginGoogle

Google Adds Hardware Security Key For Account Protection

Google is introducing an improved two-factor authentication system for Gmail and its other services that uses a tiny hardware token that will only work on legitimate Google sites.

Read more...

dropbox1

Dropbox Denies Hack, Says ‘Your Stuff is Safe’

Dropbox officials on Monday said that a large cache of usernames and passwords posted online and alleged to have come from the company’s users are not related to Dropbox customer accounts. A spate of media reports reported yesterday that attackers had stolen several million sets of credentials from Dropbox and posted them online. The claim of[...]

Read more...

sand worm

Sandworm APT Team Found Using Windows Zero Day Vulnerability

A cyberespionage team, possibly based in Russia, has been using a Windows zero day vulnerability to target a variety of organizations in several countries, including the United States, Poland, Ukraine and western Europe.

Read more...

shutterstock_144799252

[Bad]USB ‘Patch’ Skirts More Effective Options

Categories: Hacks, Vulnerabilities

Researchers who released attack code against vulnerabilities in USB devices followed that up with a patch, that they and researcher Karsten Nohl acknowledge isn’t enough to solve the problem.

Read more...