5 matches found
Spyware Blitzes Compromise, Cannibalize ICS Networks
Attackers are targeting industrial enterprises with spyware campaigns that hunt for corporate credentials so they can be used both for financial gain and to cannibalize compromised networks to propagate future attacks, researchers have found. The campaigns use off-the-shelf spyware but are unique...
Industrial Networks See Sharp Uptick in Hackable Security Holes
It’s on: Adversaries, CISOs and researchers are all simultaneously involved in a frantic race to find cybersecurity vulnerabilities hiding within industrial networks, according to the latest Biannual ICS Risk and Vulnerability report from Claroty. The report analyzed all publicly disclosed...
A Hands-On Introduction to Mandiant's Approach to OT Red Teaming
Operational technology OT asset owners have historically considered red teaming of OT and industrial control system ICS networks to be too risky due to the potential for disruptions or adverse impact to production systems. While this mindset has remained largely unchanged for years, Mandiant's...
Threats posed by using RATs in ICS
While conducting audits, penetration tests and incident investigations, we have often come across legitimate remote administration tools RAT for PCs installed on operational technology OT networks of industrial enterprises. In a number of incidents that we have investigated, threat actors had use...
North Korean Actors Spear Phish U.S. Electric Companies
We can confirm that FireEye devices detected and stopped spear phishing emails sent on Sept. 22, 2017, to U.S. electric companies by known cyber threat actors likely affiliated with the North Korean government. This activity was early-stage reconnaissance, and not necessarily indicative of an...