Path traversal vulnerabilities, also known as directory traversal, can be exploited by attackers to manipulate critical files, compromise security mechanisms, access sensitive data, and disrupt systems….
Tag: CRITICAL INFRASTRUCTURE
These hackers are employing sophisticated phishing techniques to distribute malicious software and target financial theft, with incidents steadily increasing over the past two years….
Yaroslav Vasinskyi, a 24-year-old Ukrainian national and affiliate of the notorious REvil ransomware-as-a-service (RaaS) group, has been sentenced to 13 years and 7 months in prison by a US court….
The alert says that water operators are employing poor security standards that have allowed the hackers to breach their networks, including the use of default passwords that are included when the water system management tools are first installed….
The CISA on Monday released safety and security guidelines for critical infrastructure, a move that comes just days after the Department of Homeland Security announced the formation of a safety and security board focused on the same topic….
The hackers, known as the Belarusian Cyber-Partisans, announced their operation against the KGB late last week. The agency has not commented on the attack, but on Monday its website says that it is “in the process of development.”…
Infoblox researchers describe Muddling Meerkat, a likely PRC state-backed operation that conducts long-running DNS activities by leveraging open resolvers and China’s Great Firewall to insert deceptive DNS responses. The study highlights false MX responses fro…
Microsoft has released a new open-source security tool to close gaps in threat analysis for industrial control systems and help address increased nation-state attacks on critical infrastructure….
Members will include representatives of tech companies, critical infrastructure entities, academia, and government agencies, as well as “leaders in the civil rights, civil liberties, and privacy communities,” DHS Secretary Alejandro Mayorkas said….
Key Points Escalated tensions between Iran and Israel could give rise to cyber threats. Several advanced persistent threat (APT) groups are involved on both sides: APT34, APT35, and CyberAv3ngers in Iran, and Predatory Sparrow in Israel. Iranian-affiliated APTs utilize a wide array of TTPs, includin…
Summary: The U.S. Treasury Department has sanctioned four Iranian nationals and two front companies for their involvement in cyberattacks against the U.S. government, defense contractors, and private companies. Threat Actor: Iranian Islamic Revolutionary Guard Corps Cyber Electronic Command (IRGC-CE…
Summary: Russian hacker group Sandworm targeted around 20 critical infrastructure facilities in Ukraine, aiming to disrupt operations and carrying out cyberespionage and destructive attacks. Threat Actor: Sandworm | Sandworm Victim: Critical infrastructure facilities in Ukraine | Ukraine Key Point :…
Amidst heightened geopolitical tensions, the Cyber Army of Russia has purportedly executed a distributed denial-of-service (DDoS) assault against CONSOL Energy, a major player in the coal and natural gas sectors. Established in 1860 and based in Canonsburg, Pennsylvania, CONSOL Energy holds a significant presence in global energy markets, supplying coal and…
As the digital landscape continues to evolve, the United States finds itself at the forefront of emerging cybersecurity challenges. With its critical infrastructure, extensive government networks, and vibrant economy, the nation remains a prime target for a myriad of cyber threats. From state-sponso…
CERT-UA disclosed that the UAC-0133/Sandworm group planned cyber-sabotage against ~20 energy, water and heat ICS facilities across ten Ukrainian regions, deploying known and new backdoors (QUEUESEED, LOADGRIP, BIASBOAT) and leveraging compromised supplier soft…