A five-year campaign focused on extracting sensitive information from Japanese oil, gas, and electric utilities through multiple backdoors was outlined by researchers on Wednesday.
Browsing Category: Critical Infrastructure
Threatpost editor Mike Mimoso talks with Dewan Chowdhury, the founder and CEO of MalCrawler, about hacking power grids and describes a honeypot they built to mimic an energy management system.
Mike Mimoso and Chris Brook recap last week’s Security Analyst Summit — including lots of IoT and critical infrastructure talk, APTs like Metel and Poseidon, and more.
Researchers from MalCrawler built a honeypot mimicking an energy management system at the heart of a power grid, exposing attackers’ behavior once they have access to critical infrastructure systems.
Attackers have begun using rigged Microsoft Word documents propagated via spearphishing emails to spread the BlackEnergy Trojan.
Researchers have uncovered yet another issue – and potential backdoor – in Advantech’s beleaguered EKI-1322 serial device server.
Comcast’s Xfinity Home Security System is vulnerable to attacks that interfere with its ability to detect and alert to home intrusions.
Automation and energy management company Schneider Electric patched a vulnerability in one of its product lines this week that left a handful of programmable automation controllers at risk of being hacked.
Rapid7 disclosed that Advantech EKI industrial control gear remains vulnerable to Shellshock and Heartbleed, in addition to a host of other vulnerabilities.
Research presented during Black Hat Europe demonstrates how attackers can abuse business applications connected to ICS and SCADA gear.