OTConnect - Threats & Vulnerabilities
Researchers Discover New PlugX Malware Variant Spreading via Removable USB Devices
“This PlugX variant is wormable and infects USB devices in such a way that it conceals itself from the Windows operating file system,” Palo Alto Networks Unit 42 researchers Mike Harbison and Jen Miller-Osborn said. “A user would not know their USB device is infected or possibly used to exfiltrate data out of their networks.”
New attacks use Windows security bypass zero-day to drop malware
New phishing attacks use a Windows zero-day vulnerability to drop the Qbot malware without displaying Mark of the Web security warnings.
Rationalization: Stop spending valuable resources wrongly
We see very often how companies (through their security staff) go shopping and rush to spend, often pushed by the pressure of the business, the inertia of the market, lack of knowledge, skill and opportunism of suppliers, before performing a good risk assessment.
Hacker-made Linux Cobalt Strike beacon used in ongoing attacks
Cobalt Strike is a commercial penetration testing tool, which gives security testers access to a large variety of attack capabilities. Cobalt Strike can be used to conduct spear-phishing and gain unauthorized access to systems, and can emulate a variety of malware and other advanced threat tactics.
Malware Hidden In GPU Memory, Invisible to Antivirus Applications, Could Potentially Harm PCs
Criminals in cyberspace have created a malware program that can be hidden in GPU memory, making it invisible to antivirus applications. Hackers Could Store Malware Within Your GPU Memory, Undetectable By Antivirus.
Serious Security: Linux Kernel Bugs That Emerged After 15 Years
Researchers from cybersecurity company GRIMM recently published an interesting trio of bugs they found in the Linux kernel… … In a code that had been there without attracting attention for…
The U.S. food supply is not cyber-secure or safe from threats to control systems
The U.S. Food and Drug Administration (FDA) issued the final rule on the Food Safety Modernization Act (FSMA) in November 2015, and, according to the FDA’s website, the rule is still in effect as of 10/21/2020. The rule aims to prevent intentional adulteration from acts intended to cause large-scale harm to public health, including acts of terrorism aimed at the food supply.
Snake Ransomware Delivers Double-Strike on Honda, Energy Co.
The ICS/SCADA-focused malware is likely behind a duo of attacks this week, on Honda and a South American energy company, researchers said.
Power company Enel Group suffers Snake Ransomware attack
European energy giant Enel Group suffered a ransomware attack a few days ago that impacted its internal network.