Team82 has developed a novel attack that weaponizes programmable logic controllers (PLCs) in order to exploit engineering workstations and further invade OT and enterprise networks. We’re calling this the Evil PLC Attack. Download the full report here (free PDF). The attack targets engineers working every day on industrial networks,
Pro-ukrainan hacker group OneFist claim demolished the KUPROS Paper Mill in Novosibirk via SCADA attack. They claim "full system control allowed destruction of machinery and potential floods/fires. The loss of machinery and production will be in the millions." Sources: OneFist's Telegram and Twitter channels #RusUkrWar
Infostealer appears to be payload in recent activity aimed at Ukrainian organizations. This activity was ongoing as recently as August 8, 2022 and much of the activity observed in this campaign is consistent with activity that was highlighted by CERT-UA on July 26. Shuckworm (aka Gamaredon, Armageddon) is a Russia-linked
The Microsoft Threat Intelligence Center (MSTIC) has observed and taken actions to disrupt campaigns launched by SEABORGIUM, an actor Microsoft has tracked since 2017. SEABORGIUM is a threat actor that originates from Russia, with objectives and victimology that align closely with Russian state interests. Its campaigns involve persistent phishing and
The pro-Russia Killnet hacker group claims that the stolen information includes PII data such as email addresses and phone numbers of the company’s employees. On August 1st, 2022, the pro-Russian hackers from Killnet claimed responsibility for a DDoS attack on Lockheed Martin, a United States-based global security and aerospace
A OneFist ukránbarát hackercsoport azt állítja, hogy az általuk "Operation Smoked"-nak elnevezett művelet keretében feltörték a Rosseti Lenenergo 110 kV-os PS-249 "Dymi" alállomás SCADA rendszerét. Állításuk szerint a rendszer szünetmentes tápegységének (UPS) sebezhetőségét használták ki, amely teljes hozzáférést biztosított számukra az akkumulátorokhoz, így sikeresen tönkretették
Pro-Ukraine hacker group OneFist claims hacked SCADA system for Rosseti Lenenergo's 110 kV substation PS-249 "Dymi" as part of their special cyberwarfare operation, Operation "Smoked". Using a vulnerability in it's uninterruptible power supply (UPS), which gave them total access to the batteries,
The Anonymous Hacker group has claimed to have taken down two Russian video conferencing apps, Webnir.ru and videomost.com station. Webinar Group is a Russian ecosystem of services for meetings, online events, training and webinars. One of the clients as stated on their website is Huwaei. While webinar.ru
A group of 18 tech and cyber companies said Wednesday they are building a common data standard for sharing cybersecurity information. They aim to fix a problem for corporate security chiefs who say that cyber products often don’t integrate, making it hard to fully assess hacking threats. Amazon. com
CTI (Cyber Threat Intelligence) analysis by Trend Micro of a cyber espionage campaign of Iron Tiger APT (Advanced Persistent Threat) group. Iron Tiger (also known as Emissary Panda, APT27, Bronze Union, and Luckymouse) compromising chat application Mimi’s servers in a supply chain attack by HyperBro malware. MiMi is an
Pro-Ukraine hacker group Bluehornet who was AgainstTheWest and has continued to operate in some capacity under spot has now allegedly returned to operations.
The pro-Russian hacker gang known as Killnet took down the website of Latvia’s parliament on Thursday after lawmakers there designated Russia as a “state sponsor of terrorism.” The parliament’s website went down for several hours after being hit by a distributed denial-of-service (DDoS) attack, which floods websites with
On May 24, 2022, Cisco became aware of a potential compromise. Since that point, Cisco Security Incident Response (CSIRT) and Cisco Talos have been working to remediate. Cisco has updated its security products with intelligence gained from observing the bad actor’s techniques, shared Indicators of Compromise (IOCs) with other
CTI analysis by Cyble of the escalation of the China-Taiwan conflict in the wake of Nancy Pelosi's visit to Taiwan, which was followed by widespread cyberattacks on Taiwanese institutions. Pelosi’s Taiwan Visit Widens Taipei-Beijing RiftCyble analyzes the escalation of the China-Taiwan conflict in the wake of Nancy
Finland’s parliament said Tuesday its website came under cyber-attack, as the Nordic country applies for NATO membership following Moscow’s invasion of Ukraine. “A denial-of-service attack is taking place against the parliament’s external website,” parliament said in a statement. Finland parliament website targeted in cyber attackFinland’s parliament
A new analysis by Kaspersky unveiled a wave of targeted attacks on military-industrial complex enterprises and public institutions in Belarus, Russia, Ukraine and Afghanistan. Microsoft Word documents attached to the phishing emails contain malicious code that exploits the CVE-2017-11882 vulnerability. The vulnerability enables an attacker to execute arbitrary code (in
