“Cuba ransomware: Unleashing a Veeam exploit to wreak havoc on U.S. critical organizations.”
Category: Threats
Physical attacks on power grid surge to new peak – Power Grid Sabotage
July 18, 2023
(updated September 15, 2023)
Published by Eduardo Kando
People are shooting, sabotaging and vandalizing electrical equipment in the U.S. at a pace unseen in at least a decade, amid signs that domestic extremists hope to use blackouts to sow unrest.
CosmicEnergy ICS Malware Updates
June 17, 2023
(updated July 2, 2023)
Published by Eduardo Kando
CosmicEnergy ICS Malware is a sophisticated cyber-attack targeting industrial control systems. It is designed to steal data, disrupt operations, and cause physical damage to critical infrastructure. Protect your systems with advanced security measures.
What is Evil PLC attack and how to prevent negative consequences on industrial plants
“Protect your industrial plant from Evil PLC attacks – Implement security measures to prevent negative consequences!” Based on the report created by Team82.
Researchers Discover New PlugX Malware Variant Spreading via Removable USB Devices
January 28, 2023
(updated June 10, 2023)
Published by Eduardo Kando
“This PlugX variant is wormable and infects USB devices in such a way that it conceals itself from the Windows operating file system,” Palo Alto Networks Unit 42 researchers Mike Harbison and Jen Miller-Osborn said. “A user would not know their USB device is infected or possibly used to exfiltrate data out of their networks.”
New attacks use Windows security bypass zero-day to drop Qbot malware
November 20, 2022
(updated June 12, 2023)
Published by Eduardo Kando
New phishing attacks use a Windows zero-day vulnerability to drop the Qbot malware without displaying Mark of the Web security warnings.
(Rationalization: Stop spending valuable resources wrongly)*
We see very often how companies (through their security staff) go shopping and rush to spend, often pushed by the pressure of the business, the inertia of the market, lack of knowledge, skill and opportunism of suppliers, before performing a good risk assessment.
Note: This content requires site login.
Hacker-made Linux Cobalt Strike beacon used in ongoing attacks
Cobalt Strike is a commercial penetration testing tool, which gives security testers access to a large variety of attack capabilities. Cobalt Strike can be used to conduct spear-phishing and gain unauthorized access to systems, and can emulate a variety of malware and other advanced threat tactics.
Malware Hidden In GPU Memory, Invisible to Antivirus Applications, Could Potentially Harm PCs
Criminals in cyberspace have created a malware program that can be hidden in GPU memory and make it invisible to antivirus applications. Hackers Could Store Malware Within Your GPU Memory, Undetectable By Antivirus.
The U.S. food supply is not cyber-secure or safe from threats to control systems
March 15, 2021
(updated August 11, 2022)
Published by Eduardo Kando
The U.S. Food and Drug Administration (FDA) issued the final rule on the Food Safety Modernization Act (FSMA) in November 2015 and, according to the FDA’s website, is still in effect as of 10/21/2020.The rule aims to prevent the intentional adulteration of acts intended to cause large-scale harm to public health, including acts of terrorism aimed at the food supply.
