HackDig : Dig high-quality web security articles for hacker

What Do Recent Attacks Mean for OT Network Security?

Security management can be proactive or reactive depending on each organization’s risk appetite. When attacks are made public, things change, and learning from threats becomes a requirement for both C-suite members and security leaders. WannaCry, NotPetya and Industroyer are some of the most recently analyzed malware pieces. Apart from corporate networ
Publish At:2017-09-27 22:46 | Read:3142 | Comments:0 | Tags:Endpoint Energy & Utility Incident Response Network Critical

Dragonfly 2.0: the sophisticated attack group is back with destructive purposes

While the first Dragonfly campaigns appear to have been a more reconnaissance phase, the Dragonfly 2.0 campaign seems to have destructive purposes. Symantec has spotted a new wave of cyber attacks against firms in the energy sector powered by the notorious Dragonfly group. The Dragonfly group, also known as Energetic Bear, has been active since at least 2011
Publish At:2017-09-07 16:19 | Read:2508 | Comments:0 | Tags:APT Breaking News Hacking critical infrastructure Dragonfly

Spotlight on Energy and Utilities Sector: Attacks Targeting ICS Systems Projected to Increase

There is an increased focus on cybersecurity among governments and energy and utilities organizations worldwide, and for good reason. Attacks on critical infrastructure such as fuel, electricity and drinking water carry the potential for damage far beyond their economic impact. As demonstrated by incidents such as the notorious shutdown of several Iranian nu
Publish At:2017-09-06 20:40 | Read:2320 | Comments:0 | Tags:Advanced Threats Energy & Utility Threat Intelligence Energy

Nigerian phishing: Industrial companies under attack

In late 2016, the Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) reported on phishing attacks that were primarily targeting industrial companies from the metallurgy, electric power, construction, engineering and other sectors. As further research demonstrated, this was just part of a bigger story that began mu
Publish At:2017-06-15 13:30 | Read:7188 | Comments:0 | Tags:Featured Research industrial software Nigerian Scam Phishing

Addressing Security Gaps in the Energy Industry

Every industry has its own unique challenges related to information security. Financial services organizations bear the burden of preventing fraud. Manufacturing businesses have to protect their intellectual property and ensure that manufacturing processes remain resilient to attack. Meanwhile, health care organizations must keep sensitive personal informat
Publish At:2017-06-14 01:00 | Read:2724 | Comments:0 | Tags:Energy & Utility Energy and Utilities Energy Industry Indust

Experts spotted Industroyer ICS Malware and linked it to Ukraine Power Outage

Researchers at antivirus firm ESET have discovered a new strain of malware, dubbed Industroyer, that appears to have been designed to target power grids. The experts published a detailed analysis of the malware, they speculated the malicious code has been involved in the December 2016 attack on an electrical substation in Ukraine. “Win32/Industroyer is
Publish At:2017-06-13 07:40 | Read:3578 | Comments:0 | Tags:APT Breaking News Hacking Malware BlackEnergy CRASHOVERRIDE

ICS Companies Are Worried About Cybersecurity, But Are They Worried About the Right Things?

Companies operating Industrial Control Systems (ICS) have a special set of challenges to deal with. Which is the state of the art? The equipment was expected to be installed and left alone for a long time. Pressures to reduce operating costs led to this equipment being connected, and the easiest networking equipment to find was designed for convenience in a
Publish At:2017-06-13 07:40 | Read:3605 | Comments:0 | Tags:Breaking News Hacking Reports authentication cyber security

ClearEnergy ransomware can destroy process automation logics in critical infrastructure, SCADA and industrial control sy

Schneider Electric, Allen-Bradley, General Electric (GE) and more vendors are vulnerable to ClearEnergy ransomware. Researchers at CRITIFENCE® Critical Infrastructure and SCADA/ICS Cyber Threats Research Group have demonstrated this week a new proof of concept ransomware attack aiming to erase (clear) the ladder logic diagram in Programmable Logic Controlle
Publish At:2017-04-16 11:35 | Read:4611 | Comments:0 | Tags:Critical Infrastructures Cyber Security Cyber Security Resea

Still problems for Schneider Electric, Schneider Modicon TM221CE16R has a hardcoded password

The firmware running on the Schneider Modicon TM221CE16R (Firmware 1.3.3.3) has a hardcoded password, and there is no way to change it. I believe it is very disconcerting to find systems inside critical infrastructure affected by easy-to-exploit vulnerabilities while we are discussing the EU NIS directive. What about hard-coded passwords inside critical syst
Publish At:2017-04-05 19:25 | Read:2518 | Comments:0 | Tags:Breaking News Hacking Firmware SCADA Schneider Modicon TM221

Lesson Learned From Stuxnet

Security researchers discovered Stuxnet in 2010, and it has since become one of the most well-known malware campaigns in history. The cybercriminals behind the attack developed the infamous worm to damage programmable logic controllers (PLCs) and supervisory control and data acquisition (SCADA) systems using four zero-day vulnerabilities in Microsoft Windows
Publish At:2017-03-10 12:10 | Read:2550 | Comments:0 | Tags:Energy and Utility Infrastructure Protection Energy Industry

US Oil and Gas Industry unprepared to mitigate risks in operational technology (OT) environments

A study commissioned by Siemens revealed that US oil and gas industry is unprepared to mitigate cybersecurity risks in operational technology environments. A new study commissioned by the engineering firm Siemens revealed that oil and gas industry in the United States is largely unprepared to mitigate cybersecurity risks in operational technology (OT) enviro
Publish At:2017-02-26 17:50 | Read:2545 | Comments:0 | Tags:Breaking News Reports Security Hacking insiders malware oper

A simulation shows how a ransomware could hack PLCs in a water treatment plant

The security researchers at the Georgia Institute of Technology have simulated a ransomware-based attack on PLCs in a water treatment plant. The security researchers at the Georgia Institute of Technology have conducted an interesting research on the potential impact of ransomware on industrial control systems (ICS). The researchers David Formby, a Ph.D. stu
Publish At:2017-02-14 10:40 | Read:3064 | Comments:0 | Tags:Breaking News Hacking Security critical infrastructure extor

The Future of Cybersecurity

You can’t discuss the future of cybersecurity without considering emerging trends in technology and threat landscapes. As organizations develop and adopt technologies related to big data, cognitive computing and the Internet of Things (IoT), cyberthreats are growing in both volume and complexity. The race is on to secure these systems and devices befor
Publish At:2017-02-10 13:10 | Read:2632 | Comments:0 | Tags:Application Security Cognitive Data Protection Energy and Ut

SCADA Honeywell XL Web II Controller exposed password in clear text

The web-based SCADA system Honeywell XL Web II Controller is affected by multiple flaws that can be remotely exploited to expose passwords in clear text. A popular web-based SCADA system designed by Honeywell is affected by multiple vulnerabilities that can be remotely exploited to expose passwords in clear text. In order to access the password in clear text
Publish At:2017-02-06 18:10 | Read:4446 | Comments:0 | Tags:Breaking News Hacking Honeywell XL Web II Controller Vulnera

The number of ICS Attacks continues to increase worldwide

According to data provided by IBM Managed Security Services, the number of ICS attacks in 2016 continues to increase worldwide. Industrial control systems (ICS) continues to be a privileged target of hackers. According to IBM Managed Security Services, the number of cyber attacks increased by 110 percent in 2016 compared to 2015. According to the researchers
Publish At:2016-12-28 12:45 | Read:2675 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Security brute force attac

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud