12 matches found
Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware
A suspected advanced persistent threat APT originating from China targeted a government organization in Taiwan, and possibly other countries in the Asia-Pacific APAC region, by exploiting a recently patched critical security flaw impacting OSGeo GeoServer GeoTools. The intrusion activity, which w...
OilRig is back with another Phishing Email attack, delivering the Saitama Backdoor
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here An Iranian cyber espionage gang known as OilRig has began delivering malicious email to a Jordanian government employee at the foreign ministry. The email includes a malicious Excel sheet that installs the Saitama backdoor...
A New APT Hacking Group Targeting Fuel, Energy, and Aviation Industries
A previously undocumented threat actor has been identified as behind a string of attacks targeting fuel, energy, and aviation production industries in Russia, the U.S., India, Nepal, Taiwan, and Japan with the goal of stealing data from compromised networks. Cybersecurity company Positive...
Advantech iView SQL Injection Vulnerability (CNVD-2021-13243)
Advantech iView is a device management application for the energy, water and wastewater industries. A SQL injection vulnerability exists in versions prior to Advantech iView 5.7.03.6112. An attacker can exploit this vulnerability to disclose information...
Experts Uncover Malware Attacks Against Colombian Government and Companies
Cybersecurity researchers took the wraps off an ongoing surveillance campaign directed against Colombian government institutions and private companies in the energy and metallurgical industries. In a report published by ESET on Tuesday, the Slovak internet security company said the attacks — dubb...
Schweitzer Engineering Laboratories Unmanaged 24-Port Ethernet Switch Detection
Binary data 755349.prm...
Shamoon Attackers Employ New Tool Kit to Wipe Infected Systems
ARCHIVED STORY Shamoon Attackers Employ New Tool Kit to Wipe Infected Systems By Thomas Roccia · December 19, 2018 Last week the McAfee Advanced Threat Research team posted an analysis of a new wave of Shamoon “wiper” malware attacks that struck several companies in the Middle East and Europe. In...
ABB PCM600 Credential Protection Vulnerability (CNVD-2016-03749)
The ABB PCM600 is a protection and control IED manager, primarily used in the energy industry. A vulnerability exists in the way the ABB PCM600 authentication credentials are saved. A local attacker could exploit this vulnerability to gain access to the affected device...
ABB PCM600 Credential Protection Vulnerability
The ABB PCM600 is a protection and control IED manager, primarily used in the energy industry. A vulnerability exists in the way the ABB PCM600 OPC Server IEC61850 authentication password is temporarily protected. A local attacker could exploit this vulnerability to access the affected device...
About Apache Struts 2 S2-0 3 2 vulnerability threat monitoring and emergency disposal of the case Bulletin-vulnerability warning-the black bar safety net
4 the end of the month, the Apache struts2 S2-0 3 2 remote code execution vulnerability CNVD-2 0 1 6-0 2 5 0 6, The CVE-2 0 1 6-3 0 8 1, hereinafter referred to as S2-0 3 2 vulnerability, the exploit code is disclosed and in a short time spread rapidly. CNVD Secretariat-National Internet emergenc...
Effects full version Windows: iSIGHT surveillance espionage found Windows latest 0day vulnerabilities-vulnerability warning-the black bar safety net
the iSIGHT in Russian cyber-espionage discovered to affect all versions of Windows System with the latest 0day vulnerabilities, vulnerability number CVE-2 0 1 4-4 1 1 4, At present, Microsoft is the emergency of the vulnerability of making the patch. ! Yesterday, Microsoft partners iSIGHT Partner...
Shamoon Malware : Permanently wiping data from Energy Industry Computers
Malware researchers have uncovered an attack targeting an organization in the energy industry that attempts to wreak havoc by permanently wiping data from an infected computer's hard drive and rendering the machine unusable. Symantec would not name the victimized firm, and so far has seen the...