11 matches found
Warning: Thread Hijacking Attack Targets IT Networks, Stealing NTLM Hashes
The threat actor known as TA577 has been observed using ZIP archive attachments in phishing emails with an aim to steal NT LAN Manager (NTLM) hashes. The new attack chain "can be used for sensitive information gathering purposes and to enable follow-on activity," enterprise security firm Proofpoint...
Key Cybercriminals Behind Notorious Ransomware Families Arrested in Ukraine
A coordinated law enforcement operation has led to the arrest of key individuals in Ukraine who are alleged to be a part of several ransomware schemes. "On 21 November, 30 properties were searched in the regions of Kyiv, Cherkasy, Rivne, and Vinnytsia, resulting in the arrest of the 32-year-old...
New research shows IoT and OT innovation is critical to business but comes with significant risks
The need for much improved IoT and operational technology (OT) cybersecurity became clearer this year with recent attacks on network devices,1 surveillance systems,2 an oil pipeline,3 and a water treatment facility,4 to name a few examples. To better understand the challenges customers are facing,...
Ongoing Cyber Threats to U.S. Water and Wastewater Systems
Summary: Immediate Actions WWS Facilities Can Take Now to Protect Against Malicious Cyber Activity • Do not click on suspicious links. • If you use RDP, secure and monitor it. • Use strong passwords. • Use multi-factor authentication. Note: This advisory uses the MITRE Adversarial Tactics, Technique...
CISA – Ransomware targeted SCADA systems of 3 US water facilities
By Deeba Ahmed. The US has warned of more ransomware attacks on the IT and OT networks of the country's Water and Wastewater Systems (WWS) Sector facilities. This is a post from HackRead.com. Read the original post: CISA - Ransomware targeted SCADA systems of 3 US water facilities...
Understanding the threat landscape and risks of OT environments
The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Chris Sistrunk, Technical Manager in...
Rob Joyce to Take Over as NSA Cybersecurity Director
As the incoming Biden administration continues to shake up federal leadership, the National Security Agency announced Friday that Rob Joyce, who is currently serving at the U.S. Embassy in London, was named to lead its cybersecurity division. Joyce will inherit the job from Anne Neuberger, who wi...
i-doit 1.12 - qr.php Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications. Exploit Title: i-doit 1.12 Cross Site Scripting on qr.php file; Software Link: https://www.i-doit.org/; Version: 1.12; Exploit Author: BlackFog Team; Contact: [email protected]; Website: https://securelayer7.net; Category: webapps; Tested on: Firefox i...
Utilities, Energy Sector Attacked Mainly Via IT, Not ICS
While industrial control systems (ICS) are the most talked-about when it comes to cyberattacks against energy and utilities firms, most attacks actually take aim at the enterprise IT networks used by these organizations, rather than critical infrastructure itself. The Vectra 2018 Spotlight Report o...
Countdown to GDPR: Prioritize Vulnerability Remediation
The EU’s GDPR (General Data Protection Regulation) demands that organizations stringently protect EU residents’ data they hold, share and process, which requires having solid InfoSec practices, including threat prioritization. No, there is no specific mention of prioritization of vulnerability...
Cuckoo Sandbox Guest 2.0.1 - XMLRPC Privileged Remote Code Execution
-- coding: utf8 -- """ Exploit Title: Cuckoo Sandbox Guest XMLRPC Privileged RCE PoC Date: June 28th 2016 Exploit Author: Rémi ROCHER Vendor Homepage: https://cuckoosandbox.org/ Software Link:...