High-Severity Flaw Reported in Critical System Used by Oil and Gas Companies
Cybersecurity researchers have disclosed details of a new vulnerability in a system used across oil and gas organizations that could be exploited by an attacker to inject and execute arbitrary code. The high-severity issue, tracked as CVE-2022-0902 (CVSS score: 8.1), is a path-traversal vulnerabili...
Triton Malware Spearheads Latest Attacks on Industrial Systems | McAfee Blogs
Alexandre Mundo · MAR 26, 2020. Malware that attacks industrial control systems (ICS), such as the Stuxnet campaign in 2010, is a serious threat. This class of cyber sabotage can spy on, disrupt, or destroy systems that...
Russia launched Triton malware to sabotage Saudi petrochemical plant
By Waqas. A few days ago it was reported that a new malware called GreyEnergy has been targeting the high-profile industrial and energy sectors with espionage, and fingers were pointed at Russian hackers. Now, it has been revealed that petrochemical plants in Saudi Arabia have been on the radar of...
FireEye: Russian Research Lab Aided the Development of TRITON Industrial Malware
Cybersecurity firm FireEye claims to have discovered evidence that proves the involvement of a Russian-owned research institute in the development of the TRITON malware that caused some industrial systems to unexpectedly shut down last year, including a petrochemical plant in Saudi Arabia. TRITON...
Threat Outbreak Alert RuleID32722: Email Messages Distributing Malicious Software on May 8, 2018
Medium. Alert ID: 57826. First Published: 2018 May 8 16:28 GMT. Version: 1. Summary: Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID32722) may contain the following files: Name | Size ...
CEMLink 6 Unrestricted WSDL Service Access / Poor Crypto Implementation Vulnerabilities
CEMLink 6 suffers from having unrestricted WSDL service access and a weak mechanism for password storage. Exploit Title: CEMLink6 multiple vulnerabilities. Date Reported to vendor: 8/2/2017. Vendor never replied. Exploit Author: [email protected]. Vendor Homepage:...
Iranian APT33 Targets U.S. Firms with Destructive Malware
The Iranian group known as APT33 is believed to be behind a cyberespionage campaign targeting aerospace, petrochemical and energy sector firms located in the United States, Saudi Arabia and South Korea. The group’s latest attack leverages a dropper called DropShot that is tied to the StoneDrill...
Insights into Iranian Cyber Espionage: APT33 Targets Aerospace and Energy Sectors and has Ties to Destructive Malware
When discussing suspected Middle Eastern hacker groups with destructive capabilities, many automatically think of the suspected Iranian group that previously used SHAMOON – aka Disttrack – to target organizations in the Persian Gulf. However, over the past few years, we have been tracking a...
Threat Outbreak Alert RuleID29289: Email Messages Distributing Malicious Software on May 26, 2017
Medium. Alert ID: 53978. First Published: 2017 May 26 13:22 GMT. Version: 1. Summary: Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID29289) may contain the following files: Name | Size...
Citadel Variant Targets Password Managers
The Citadel Trojan has once again branched out beyond its roots as banking malware and is now targeting the master passwords guarding major password management products. Researchers from IBM Trusteer today said they’ve notified makers of the nexus Personal Security Client, Password Safe and KeePa...
Citadel Used in Attacks Against Petrochemical Companies
Cybercrime tools continue to cross over into the realm of nation-state targeted attacks, with the latest example being a variant of the Citadel banking Trojan used in attacks against petrochemical companies in the Middle East. The attacks took place within the past few months, said researchers at...
SCADA Vulnerabilities Identified in Power, Petrochemical Plants
More than 7,600 different power, chemical and petrochemical plants may still be vulnerable to a handful of SCADA vulnerabilities made public this week. A researcher at Rapid7, the Boston-based firm responsible for the popular pen testing software Metasploit, and an independent security researche...