Lucene search
K

22 matches found

The Hacker News
The Hacker News
added 2025/05/03 9:33 a.m.68 views

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

An Iranian state-sponsored threat group has been attributed to a long-term cyber intrusion aimed at a critical national infrastructure CNI entity in the Middle East that lasted nearly two years. The activity, which lasted from at least May 2023 to February 2025, entailed "extensive espionage...

9.8CVSS8.8AI score0.8488EPSS
Exploits3
The Hacker News
The Hacker News
added 2025/04/16 5:6 a.m.18 views

U.S. Govt. Funding for MITRE's CVE Ends April 16, Cybersecurity Community on Alert

The U.S. government funding for non-profit research giant MITRE to operate and maintain its Common Vulnerabilities and Exposures CVE program will expire Wednesday, an unprecedented development that could shake up one of the foundational pillars of the global cybersecurity ecosystem. The 25-year-o...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/09/12 10:18 a.m.85 views

Chinese Redfly Group Compromised a Nation's Critical Grid in 6-Month ShadowPad Campaign

A threat actor called Redfly has been linked to a compromise of a national grid located in an unnamed Asian country for as long as six months earlier this year using a known malware referred to as ShadowPad. "The attackers managed to steal credentials and compromise multiple computers on the...

7.7AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2022/08/05 5:39 a.m.21 views

Maritime regulation. All Hands-on Deck!

TL;DR The regulation from the IMO has changed, you need to do more about cyber security. Key things to focus on: Start asking questions of your supply chain, of your own IT and OT teams Assess the security configuration per vessel – each are different Use Critical National Infrastructure controls...

0.8AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2022/03/03 5:0 p.m.20 views

Secure your OT and IoT devices with Microsoft Defender for IoT and Quzara Cybertorch™

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. In recent years, malicious actors have started attacking industrial control systems and key sectors of nations’ critical infrastructure to inflict damage that transcends the cyber...

0.2AI score
Exploits0
ThreatPost
ThreatPost
added 2022/02/18 1:46 p.m.71 views

Iranian State Broadcaster Clobbered by ‘Clumsy, Buggy’ Code

Footage of opposition leaders calling for the assassination of Iran’s Supreme Leader ran on several of the nation’s state-run TV channels in late January after a state-sponsored cyber-attack on Iranian state broadcaster IRIB. The incident – one of a series of politically motivated attacks in Iran...

9AI score
Exploits0References8
Pen Test Partners Blog
Pen Test Partners Blog
added 2020/06/01 6:55 a.m.46 views

Introduction to PLCs and Ladder Logic

Introduction We do a lot of client work with ICS, IIoT, and SCADA. We've been to various power plants, factories, electricity substations and they all use the same technology in the form of a PLC. A PLC is a Programmable Logic Controller. PLCs are what keep our Critical National Infrastructure...

7.1AI score
Exploits0
CISA
CISA
added 2019/07/05 12:0 a.m.12 views

ACSC Releases Updated Essential Eight Maturity Model

The Australian Cyber Security Centre ACSC has released updates to its Essential Eight Maturity Model. The model assists organizations in determining the maturity of their implementation of the Essential Eight—ACSC’s list of the top mitigation strategies to help organizations protect their systems...

6.8AI score
Exploits0References2
Pen Test Partners Blog
Pen Test Partners Blog
added 2018/08/15 11:10 a.m.26 views

PTP, IoT & the Norwegian Government

We were privileged to be invited to speak an event in Arendal, Norway yesterday to make the case for IoT regulation. 'Arendalsuka' is the largest political gathering in Norway, an open forum event where the public can interact directly with political leaders, business leaders, entrepreneurs,...

7AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2018/07/19 3:30 p.m.51 views

EU Cybersecurity Act IoT FAIL

The EU recently announced that its plans for a Cybersecurity Act had been backed by industry committee MEPs. This was a significant opportunity for consumer IoT security to be regulated and resolve the current mess. Sadly, they’ve stopped short and made the code voluntary for all but certain...

7AI score
Exploits0
Qualys Blog
Qualys Blog
added 2017/09/26 3:35 p.m.18 views

Achieve Continuous Security and Compliance with the CIS Critical Security Controls

For InfoSec pros, it’s easy to get overwhelmed by the constant noise from cybersecurity industry players — vendors, research firms, consultants, industry groups, government regulators and media outlets. A good antidote for this hyperactive chatter is to refocus on foundational InfoSec practices...

6.8AI score
Exploits0
ThreatPost
ThreatPost
added 2017/08/28 4:50 p.m.14 views

CEOs Resign from Trump's Cybersecurity Commission

Eight members of the National Infrastructure Advisory Council resigned last week, citing inadequate attention by the Trump Administration to address growing cybersecurity threats facing the United States. President Donald Trump’s Administration has “given insufficient attention to the the growing...

6.8AI score
Exploits0References7
Schneier on Security
Schneier on Security
added 2017/05/10 7:14 p.m.20 views

Securing Elections

Technology can do a lot more to make our elections more secure and reliable, and to ensure that participation in the democratic process is available to all. There are three parts to this process. First, the voter registration process can be improved. The whole process can be streamlined. People...

6.8AI score
Exploits0
ThreatPost
ThreatPost
added 2016/03/24 3:15 p.m.13 views

Iranians Indicted Over DDoS Campaign on Banks, Dam Hack

The U.S. government on Thursday indicted seven hackers affiliated with the Iranian government for attacks it called “a frightening new frontier in cybercrime.” Accusing the men of carrying out a series of distributed denial of service DDoS attacks against 46 financial companies, the Department of...

0.6AI score
Exploits0References7
CISA
CISA
added 2015/11/02 12:0 a.m.9 views

ACSC Releases 2015 Threat Report

The Australian Cyber Security Centre ACSC has released its 2015 Threat Report. This report provides threat information that Australian organizations are facing, such as cyber espionage, cyber attacks, and cyber crime. Mitigation and remediation steps are also included to assist organizations with...

6.7AI score
Exploits0References1
The Hacker News
The Hacker News
added 2013/04/23 4:52 a.m.10 views

CALL FOR PAPERS - The Hackers Conference 2013

The call for papers for The Hackers Conference 2013 is now open. THC2013 is a hacker conference taking place in New Delhi, India on August 25th, 2013. The Hackers Conference is an unique event, where the best of minds in the hacking world, leaders in the information security industry and the cybe...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2012/11/22 3:59 p.m.11 views

Flame Malware against French Government

The news is sensational, according the French magazine L'Express the offices of France's former president Sarkozy were victim of a cyber attack, but what is even more remarkable is that for the offensive was used the famous malware Flame. On the origin of the malware still persist a mystery, many...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2011/11/09 9:36 p.m.7 views

Computerized Prison doors hacked with vulnerabilities used by Stuxnet worm

Computerized Prison doors hacked with vulnerabilities used by Stuxnet worm Security holes in the computer systems of federal prisons in the United States can effectively allow hackers to trigger a jailbreak by remote control. The discovery of the Stuxnet worm has alerted governments around the...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2011/01/28 10:22 p.m.13 views

DHS: $40m To Research Next Big Thing in Cyber Security

The U.S. Department of Homeland Security issued a call for proposals this week in a $40m program to encourage research and development in a wide range of topics related to cyber security: from designing more resilient software, to alternatives to passwords and CAPTCHA technology to prevent...

6.9AI score
Exploits0References8
The Hacker News
The Hacker News
added 2011/01/18 10:17 a.m.5 views

Hackers will not be deterred by UK cyber defences !

Military "cyber weaponry" will become commonplace this century, but it will be unlikely to deter attacks by "hacktivists" and criminal gangs, and could easily be used for state-sponsored cyber attacks instead, the Organisation for Economic Co-operation and Development warns. The British authors o...

6.6AI score
Exploits0
Rows per page
Query Builder