5 matches found
Mustang Panda Uses Zoho WorkDrive as Command Channel in Indian Government Attacks
The China-aligned espionage group Mustang Panda is running two campaigns against the Indian government and hydropower targets, deploying new malware and turning a legitimate cloud service into its command channel. Acronis Threat Research Unit found active compromises inside Indian government...
Unauthorized Access Vulnerability in NC2000 of Nanjing Nanrui Group Corporation Water Conservancy and Hydropower Technology Branch Company
NC2000 is a computerized monitoring system software developed by Nanjing Nanrui, which is used in power systems and large and medium-sized hydropower stations. Nanjing Nanrui Group Corporation Water Conservancy and Hydropower Technology Branch NC2000 has an unauthorized access vulnerability, whic...
Compromising vital infrastructure: water management
It’s probably unnecessary to explain why water management is considered part of our vital infrastructure, but it's a wider field than you might expect—and almost every one of its components can be integral to our survival. We all need clean water to drink. As much as I like my coffee, I can't mak...
congress.hydropower.org XSS vulnerability
Open Bug Bounty ID: OBB-668608 Description| Value ---|--- Affected Website:| congress.hydropower.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Scan Reveals Hydropower Plants, Other Critical Infrastructure Exposed Online
An Internet scan of the IPv4 address space uncovered more than 100 critical facilities exposed to the public Internet, including hydropower plants in Germany and Italy, and a smart building in Israel hosting luxury apartments. The investigation, conducted by researchers at Internet Wache of Berli...