HackDig : Dig high-quality web security articles for hacker

Patch Tuesday, September 2019 Edition

Microsoft today issued security updates to plug some 80 security holes in various flavors of its Windows operating systems and related software. The software giant assigned a “critical” rating to almost a quarter of those vulnerabilities, meaning they could be used by malware or miscreants to hijack vulnerable systems with little or no interactio
Publish At:2019-09-19 16:10 | Read:306 | Comments:0 | Tags:Time to Patch .lnk adobe flash player Microsoft Patch Tuesda

Dragonfly 2.0: the sophisticated attack group is back with destructive purposes

While the first Dragonfly campaigns appear to have been a more reconnaissance phase, the Dragonfly 2.0 campaign seems to have destructive purposes. Symantec has spotted a new wave of cyber attacks against firms in the energy sector powered by the notorious Dragonfly group. The Dragonfly group, also known as Energetic Bear, has been active since at least 2011
Publish At:2017-09-07 16:19 | Read:3233 | Comments:0 | Tags:APT Breaking News Hacking critical infrastructure Dragonfly

Spotlight on Energy and Utilities Sector: Attacks Targeting ICS Systems Projected to Increase

There is an increased focus on cybersecurity among governments and energy and utilities organizations worldwide, and for good reason. Attacks on critical infrastructure such as fuel, electricity and drinking water carry the potential for damage far beyond their economic impact. As demonstrated by incidents such as the notorious shutdown of several Iranian nu
Publish At:2017-09-06 20:40 | Read:2827 | Comments:0 | Tags:Advanced Threats Energy & Utility Threat Intelligence Energy

Microsoft Attempts To Fix Stuxnet For The Third Time

Microsoft released a new security update on June 17th in an attempt to patch a vulnerability which allowed the Stuxnet Virus to exploit Windows systems. The Stuxnet Virus which attacks Industrial Control Systems was first discovered in 2010 when it infected Iranian Programmable Logic Controllers.  Stuxnet compromises controllers by first targeting Windows op
Publish At:2017-08-04 21:15 | Read:2935 | Comments:0 | Tags:Breaking News Hacking CVE-2017-8464 ICS industrial control s

The Stuxnet vulnerability is still one of the most exploited flaws in the wild by hackers

A new report published by Kaspersky confirms that Stuxnet exploits targeting a Windows Shell Vulnerability is still widely adopted by threat actors. The case that I’m going to present you demonstrates the importance of patch management and shows the effects of the militarization of the cyberspace. Unpatched software is an easy target for hackers that c
Publish At:2017-04-21 17:25 | Read:3601 | Comments:0 | Tags:Uncategorized CVE-2010-2568 Kaspersky malware state sponsore

The alleged link between the Shadow Brokers data leak and the Stuxnet cyber weapon

Security researchers who analyzed the documents and hacking tools included in the last Shadow Brokers dump found a link to the Stuxnet virus. On Friday, the Shadow Brokers leaked a new bunch of files belonging to the alleged NSA arsenal. Security researchers who analyzed the documents and hacking tools included in the last dump have discovered many exploits
Publish At:2017-04-18 15:45 | Read:2458 | Comments:0 | Tags:Breaking News Cyber warfare Intelligence Malware malware NSA

Malware posing as Siemens PLC application is targeting ICS worldwide

Findings of the MIMICS project conducted by Dragos Threat Operations Center show a malware posing as Siemens PLC application is targeting ICS worldwide. After the disclosure of the Stuxnet case, the security industry started looking at ICS malware with increasing attention. A malware that infects an industrial control system could cause serious damages and p
Publish At:2017-03-26 01:15 | Read:3522 | Comments:0 | Tags:Breaking News Hacking Malware BlackEnergy Havex ICS malware

Lesson Learned From Stuxnet

Security researchers discovered Stuxnet in 2010, and it has since become one of the most well-known malware campaigns in history. The cybercriminals behind the attack developed the infamous worm to damage programmable logic controllers (PLCs) and supervisory control and data acquisition (SCADA) systems using four zero-day vulnerabilities in Microsoft Windows
Publish At:2017-03-10 12:10 | Read:2871 | Comments:0 | Tags:Energy and Utility Infrastructure Protection Energy Industry

2016 Reflections on ICS Security

As the year approaches the end, it is a time to reflect on 2016 and industrial control systems (ICS) security. Why ICS security? Because securing ICS should be everyone’s concern. Consider the impact on this critical infrastructure and what it means to you.ImpactWhy?Your entertainment—watching movies on your TV or laptop, listening to music, etc.ICS are a cr
Publish At:2016-12-28 10:55 | Read:3333 | Comments:0 | Tags:Featured Articles ICS Security backdoor ics security spear-p

SCADA Sssh! Don’t Talk, Filter it

The effects of cyber-attacks against SCADA/ICS are well known, however, there is a great confusion when dealing with mitigation techniques. The Majority are aware of the impact cyber-attacks can have on Industrial Control Systems however, the reality in terms of mitigation techniques are shrouded with confusion and a reactive approach. Recent 0-day vulnerabi
Publish At:2016-11-10 06:35 | Read:4392 | Comments:0 | Tags:Breaking News Hacking Havex ICS Panel Shock SCADA stuxnet ze

Shocking, a German nuclear plant suffered a disruptive cyber attack

A German nuclear plant suffered a disruptive cyber attack, the news was publicly confirmed by the IAEA Director Yukiya Amano. According to the head of the United Nations nuclear watchdog, the International Atomic Energy Agency (IAEA) Director Yukiya Amano, a nuclear power plant in Germany was hit by a “disruptive” cyber attack two to three years
Publish At:2016-10-11 03:45 | Read:2991 | Comments:0 | Tags:Breaking News Hacking Security cyber security Gundremmingen

A malware was found in Iran petrochemical complexes, but it’s not linked to recent incidents

The head of Iran’s civilian defense confirmed that a malware was found in petrochemical complexes, but it hasn’t caused the fires under investigation. Last week, I reported the news related to a series of fires at Iranian petrochemical plants. The Iran’s Supreme National Cyberspace Council started an investigation to discover if the incidents at oil an
Publish At:2016-08-29 12:40 | Read:3143 | Comments:0 | Tags:Breaking News Cyber warfare Malware critical infrastructure

Iran investigates possible cyber attacks behind a string Oil Industry incidents

Iran ’s cyberspace security authorities are investigating a string of fires in the country oil and gas facilities. Incidents or cyber sabotage? Once again, something of strange is happening in Iran, the Government of Teheran is investigating a recent string of incidents occurred in critical infrastructure in the country. The Iran’s Supreme National Cyb
Publish At:2016-08-19 15:05 | Read:2851 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Security critical

Cisco, Fortinet issue fixes against Equation Group exploits

Customers of Cisco and Fortinet security firms need to patch their products to fix the flaws exploited by the Equation Group exploits and hacking tools. While security experts are analyzing the hacking tools leaked in the data dump by the Shadow Brokers, security firms are working to fix the vulnerabilities exploited by the Equation Group toolsets. Both Fort
Publish At:2016-08-18 20:45 | Read:4534 | Comments:0 | Tags:Breaking News Cyber warfare Hacking CISCO cyber weapon Equat

A close look at the exploits leaked after the Equation Group hack

The NSA-linked unit The Equation Group has been hacked and a data dump containing exploits and tools has been leaked online. Is it legitimate? It is the topic of the moment, the group The Shadow Brokers has hacked the NSA-linked unit the Equation Group and leaked online exploits and hacking tools. The hackers had dumped online the precious material, probably
Publish At:2016-08-18 02:25 | Read:3060 | Comments:0 | Tags:Breaking News Cyber warfare Hacking cyber weapon Equation gr


Share high-quality web security related articles with you:)


Tag Cloud