7 matches found
PT-2025-38520
Westermo Network Technologies has identified a severe command injection vulnerability in its WeOS 5 operating system that could allow attackers to execute unauthorized commands remotely. Key Points: - A CVSS v4 score of 8.7 indicates a high risk of exploitation. - Remote attackers with...
All Sectors Are Now Prey as Cyber Threats Expand Targeting
Ransomware doesn’t discriminate – today, every sector faces risks. But we are seeing changes in which sectors are being targeted the most. For instance, while healthcare and education have long been considered the most heavily attacked, that’s shifting. In the latest FortiGuard Labs Global Threat...
Hackers are implanting multiple backdoors at industrial targets in Japan
Cybersecurity researchers on Tuesday disclosed details of a sophisticated campaign that deploys malicious backdoors for the purpose of exfiltrating information from a number of industry sectors located in Japan. Dubbed "A41APT" by Kaspersky researchers, the findings delve into a new slew of attac...
Oil-and-Gas APT Pivots to U.S. Power Plants.
A known APT group with ties to the Iran-linked APT33, dubbed Magnallium, has expanded its targeting from the global oil-and-gas industry to specifically include electric companies in North America. That’s according to a report from Dragos, released Thursday, which noted that the discovery is part...
Iran Targets Mideast Oil with ZeroCleare Wiper Malware
A freshly-discovered wiper malware dubbed “ZeroCleare” has been deployed to target the energy and industrial sectors in the Middle East. According to IBM’s X-Force Incident Response and Intelligence Services IRIS, ZeroCleare so-named because of the program database pathname of its binary file was...
Energetic Bear/Crouching Yeti: attacks on servers
Energetic Bear/Crouching Yeti is a widely known APT group active since at least 2010. The group tends to attack different companies with a strong focus on the energy and industrial sectors. Companies attacked by Energetic Bear/Crouching Yeti are geographically distributed worldwide with a more...
Siemens Patches Ghost Flaw Simatic Product
Siemens has released an update for some of its ICS products that are affected but the glibc Ghost vulnerability that was disclosed in January. The vulnerability affected both the Siemens Sinumerik and Simatic HMI Basic applications, which are used in a variety of industrial situations. “The...