Iran-Linked IOCONTROL Malware Targets SCADA and Linux-Based IoT Platforms

December 13, 2024 at 07:33AM Iran-affiliated hackers have developed IOCONTROL, a custom malware targeting IoT and operational technology systems in Israel and the U.S. It can compromise various devices like cameras and PLCs, enabling attackers to shut down services and steal data. The malware functions via MQTT and employs advanced evasion tactics.

Lynx ransomware behind Electrica energy supplier cyberattack

December 11, 2024 at 11:30AM The Romanian National Cybersecurity Directorate has confirmed that the Lynx ransomware gang breached Electrica Group, a major electricity supplier. While the attack is under investigation, critical systems remain unaffected. Electrica is collaborating with cybersecurity authorities, and the directorate advises scanning for malware and not paying ransom demands.

Vulnerabilities Expose mySCADA myPRO Systems to Remote Hacking

November 25, 2024 at 11:03AM The myPRO system by mySCADA has critical vulnerabilities allowing remote attackers to gain control. Discovered by researcher Michael Heinzl, the flaws include OS command injection and improper authentication. mySCADA has released patches, but the exact number of vulnerable systems remains unclear. CISA reports no known exploitations to date.

Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries

October 9, 2024 at 11:43AM Multiple security vulnerabilities in the Manufacturing Message Specification (MMS) protocol pose risks for industrial environments, potentially enabling device crashes and remote code execution. Key libraries affected were patched in 2022, but gaps in security for modern technology versus outdated protocols persist. Additional vulnerabilities in other systems were also reported.

Israeli Group Claims Lebanon Water Hack as CISA Reiterates Warning on Simple ICS Attacks

September 26, 2024 at 07:55AM The US cybersecurity agency CISA warns of unsophisticated hacks on industrial control systems (ICS) and operational technology. Red Evil hacktivist group claimed to have compromised water systems used by Hezbollah, making exaggerated claims of control. However, an expert believes this is more likely an influence/misinformation operation. CISA also issued a …

Russian Hacktivists Sanctioned for US Critical Infrastructure Attacks

July 22, 2024 at 01:15PM Two members of the Russian hacktivist group Cyber Army Russia Reborn (CARR) were sanctioned by the US Department of Treasury for cyberattacks on US critical infrastructure. Yuliya Pankratova, the leader, and Denis Degtyarenko, the primary hacker, were involved in disrupting operations at water facilities and compromising industrial control systems, but …

US Sanctions Russian Hacktivists for Targeting Critical Infrastructure

July 22, 2024 at 10:36AM The US Department of Treasury imposed sanctions on Yuliya Vladimirovna Pankratova and Denis Olegovich Degtyarenko, leaders of the Russian hacktivist group CARR, for cyberattacks targeting critical infrastructure in the US and Europe. CARR’s activities, including compromising industrial control systems, have led to significant security concerns, resulting in sanctions and asset …

Bosch Nutrunner Vulnerabilities Could Aid Hacker Attacks Against Automotive Production Lines

January 9, 2024 at 09:06AM Researchers from Nozomi Networks have uncovered significant vulnerabilities in Bosch Rexroth nutrunners used in the automotive industry, potentially allowing hackers to gain control of these devices remotely. The vulnerabilities, including over two dozen security holes, pose serious threats to operational and reputational integrity. Bosch Rexroth plans to address the flaws …

NSA Publishes ICS/OT Intrusion Detection Signatures and Analytics

October 17, 2023 at 07:12AM The National Security Agency has released a repository called Elitewolf on GitHub, which contains intrusion detection signatures and analytics for hunting malicious activity in industrial control systems and operational technology environments. The release is in response to increased cyber activity targeting critical infrastructure and aims to help organizations implement continuous …