Chinese Volt Typhoon Hackers Infiltrated US Electric Utility for Nearly a Year

Dragos reveals Volt Typhoon hackers infiltrated a US electric utility for 300 days, collecting sensitive data. Learn how this cyberattack threatens infrastructure...

Focus on DroxiDat/SystemBC

Recently we pushed a report to our customers about an interesting and common component of the cybercrime malware set - SystemBC. And, in much the same vein as the 2021 Darkside Colonial Pipeline incident, we found a new SystemBC variant deployed to a critical infrastructure target. This time, the...

Indian Energy Company Tata Power's IT Infrastructure Hit By Cyber Attack

Tata Power Company Limited, India's largest integrated power company, on Friday confirmed it was targeted by a cyberattack. The intrusion on IT infrastructure impacted "some of its IT systems," the company said in a filing with the National Stock Exchange NSE of India. It further said it has take...

Utility Cybersecurity: Situational Awareness Cuts Risk

Trend Micro has released a technical report on how the electric utility industry can gain situational awareness across entire network...

TRISIS Group, Known for Physical Destruction, Targets U.S. Electric Companies

XENOTIME, the APT group behind the TRISIS industrial control system ICS event, has expanded its focus beyond the oil and gas industries, according to researchers. The group has recently been seen probing the networks of electric utility organizations in the U.S. and elsewhere – perhaps a precurso...

Attacks On MongoDB Rise As Hijackings Continue

The number of insecure MongoDB databases being hijacked by criminals is growing according to experts who say attacks that began last week are now targeting more valuable assets. Since identifying attacks against MongoDB installations on Dec. 27, Victor Gevers, an ethical hacker and founder of GDI...

Siemens RUGGEDCOM ROX-based Devices NTP Vulnerabilities

OVERVIEW Siemens has reported to NCCIC/ICS-CERT that NTP daemon vulnerabilities exist in the Siemens RUGGEDCOM ROX-based devices. Siemens has produced firmware updates to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCTS The following Siemens...

Vulnerability Fixed in Subnet Solutions SCADA Server

A hole has been fixed in a popular industrial control system data management server that if left unpatched, could result in a remotely exploitable denial of service condition. Subnet Solutions, Inc., a Canadian manufacturer of electric utility products, fixed the vulnerability – along with anothe...

Open Source Smart Meter Hacking Framework can Hack into the Power Grid

A researcher specializing in smart grids has released an open-source tool designed to assess the security of smart meters. Dubbed 'Termineter,' the framework would allow users, such as grid operators and administrators, to test smart meters for vulnerabilities. It claims will let security...