25 matches found
Poland Thwarts Russian Wiper Malware Attack on Power Plants
Poland blocked a Russian wiper malware attack on power and heating plants, officials say, avoiding outages during winter and prompting tighter cyber rules...
CVE-2023-50821
A vulnerability has been identified in SIMATIC PCS 7 V9.1 All versions V9.1 SP2 UC04, SIMATIC WinCC Runtime Professional V17 All versions V17 Update 8, SIMATIC WinCC Runtime Professional V18 All versions V18 Update 4, SIMATIC WinCC Runtime Professional V19 All versions V19 Update 1, SIMATIC WinCC...
SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, Middle East, and Africa
Maritime and logistics companies in South and Southeast Asia, the Middle East, and Africa have become the target of an advanced persistent threat APT group dubbed SideWinder. The attacks, observed by Kaspersky in 2024, spread across Bangladesh, Cambodia, Djibouti, Egypt, the United Arab Emirates,...
BlackCat Ransomware Raises Ante After FBI Disruption
The U.S. Federal Bureau of Investigation FBI disclosed today that it infiltrated the worlds second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. The FBI said it seized the gangs darknet website, and released a decryption tool that hundreds of victim...
From Power Plants to eWallets: The role of ZTNA in the gig economy
By Mor Ahuvia - SASE Solution Expert, Check Point Software The pandemic. A growing gig economy. Rounds of layoffs across industries. Its no wonder the workforce looks nothing… This is a post from HackRead.com Read the original post: From Power Plants to eWallets: The role of ZTNA in the gig econo...
Attacks on Ukraine communications are a major part of the war
Since the start of the Russian invasion of Ukraine, the war on the battlefield has been accompanied by cyber attacks. Those attacks against critical infrastructure have knocked out banking and defense platforms, mostly by targeting several communication systems. In a timeline set up by NetBlocks,...
Solar-Log 500 has an unspecified vulnerability
Solar-Log is a data logger used to monitor photovoltaic power plants from Solar-Log GmbH in Germany. Solar-Log 500 has a security vulnerability that could be exploited by an attacker with access to the device to read sensitive information...
Solar-Log 500 安全漏洞
Solar-Log is a data logger used to monitor photovoltaic power plants from Solar-Log GmbH in Germany. Solar-Log 500 has a security vulnerability that could be exploited by an attacker with access to the device to read sensitive information...
Denial of Service Vulnerability in DMP3391 Measurement and Control Device
The DMP3391 is a monitoring device adapted to the different requirements of substations and power plants of all voltage levels. A denial of service vulnerability exists in the DMP3391, which can be exploited by an attacker to cause a system crash...
Critical Remote Code-Execution Bugs Threaten Global Power Plants
Siemens industrial equipment commonly found in fossil-fuel and large-scale renewable power plants are riddled with multiple security vulnerabilities, the most severe of which are critical bugs allowing remote code-execution. The affected product is SPPA-T3000, a distributed control system used fo...
Siemens SPPA-T3000 Information Disclosure Vulnerability (CNVD-2019-44784)
The SPPA-T3000 is a distributed control system mainly used in thermal power plants and large renewable energy power plants. An information disclosure vulnerability exists in the Siemens SPPA-T3000. An attacker with network access to the application server could enumerate valid user names by sendi...
North Korean Actors Spear Phish U.S. Electric Companies
We can confirm that FireEye devices detected and stopped spear phishing emails sent on Sept. 22, 2017, to U.S. electric companies by known cyber threat actors likely affiliated with the North Korean government. This activity was early-stage reconnaissance, and not necessarily indicative of an...
Vulnerable Radiation Monitoring Devices Won't Be Patched
LAS VEGAS—Three radiation monitoring device vendors have told researchers they will not be fixing a handful of vulnerabilities that could be abused by hackers, including a backdoor that affords high privileges on one device. The flaws were privately disclosed by IOActive researcher Ruben Santamar...
Easily using Vulnerability CVE-2 0 1 6-4 5 0 2 ranged attack power plants-vulnerability warning-the black bar safety net
! Repair hopeless? You can only deactivate the function or replace the device! Recently,without a patch the vulnerability, CVE-2 0 1 6-4 5 0 2 be found use in industrial control systems,has now been found that power plants use industrial control system may be severely affected,contrive evil...
Nordex Control 2 (NC2) SCADA 16 Cross Site Scripting
Nordex NC2 XSS Vulnerability AFFECTED PRODUCTS Nordex Control 2 NC2 SCADA V16 and prior versions. Nordex is a company based in Germany that maintains offices in countries around the world. The affected product, Nordex Control 2, is a web-based SCADA system for wind power plants. According to...
SCADA Vulnerabilities Identified in Power, Petrochemical Plants
More than 7,600 different power, chemical and petrochemical plants may still be vulnerable to a handful of SCADA vulnerabilities made public this week. A researcher at Rapid 7, the Boston-based firm responsible for the popular pen testing software Metasploit, and an independent security researche...
Malware Infects US Power Plants through USB Drives
The US Department of Homeland Security's Cyber Emergency Response Team has released a report, which stated that two American electrical power plants were compromised late last year and has identified a number of glaring electronic vulnerabilities. Some unknown malware infected two power plants...
Malware Infects US Power Plants through USB Drives
The US Department of Homeland Security’s Cyber Emergency Response Team has released a report, which stated that two American electrical power plants were compromised late last year and has identified a number of glaring electronic vulnerabilities. Some unknown malware infected two power plants...
Malware Infects Two Power Plants Lacking Basic Security Controls
During the past three months, unnamed malware infected two power plants’ control systems using unprotected USB drives as an attack vector. At both companies, a lack of basic security controls made it much easier for the malicious code to reach critical networks. In one instance, according to a...
Critical infrastructure managing software vulnerable to Unauthorized access
Reid Wightman from security firm ioActive reported that there is an undocumented backdoor available in CoDeSys software that actually used to manage equipment in power plants, military environments, and nautical ships. The bug allow malicious hackers to access sensitive systems without...