Friday, June 12, 2020

6/12/2020 - It's Industrial Cybersecurity Day and China Is Being All China-ey Again

Ars Technica - An advanced and unconventional hack is targeting industrial firms -
Attackers are putting considerable skill and effort into penetrating industrial companies in multiple countries, with hacks that use multiple evasion mechanisms, an innovative encryption scheme, and exploits that are customized for each target with pinpoint accuracy.

A potentially serious denial-of-service (DoS) vulnerability affecting some Mitsubishi Electric automation controllers can allow hackers to disrupt the production process in an industrial organization, experts have warned.

The flaw, discovered by a researcher at industrial cybersecurity firm SCADAfence and reported to Mitsubishi in late February, was described by the vendor as an uncontrolled resource consumption issue that allows an attacker to cause the Ethernet port to enter a DoS condition by sending it specially crafted packets, in bursts, over a short period of time.

The new solution, named “DeepArmor Industrial, fortified by Siemens,” combines SparkCognition’s AI-powered cyber defense solution DeepArmor with Siemens’ expertise in operational technology (OT) security to help organizations protect endpoints and remote assets.

The solution includes antivirus, threat detection, zero-day attack prevention, and application control capabilities for oil and gas, power generation, and transmission and distribution systems.

The German industrial giant has yet to release patches for the vulnerabilities, which have been described as missing authentication issues, but it has told customers that they can reduce the risk of exploitation by applying defense-in-depth measures.

Siemens says an unauthenticated attacker who has network access to TCP port 135 can exploit the vulnerabilities to read and modify a device’s configuration and obtain project files, without user interaction.

European energy company giant Enel Group suffered a ransomware attack a few days ago that impacted its internal network. Detected on June 7, the incident is the work of EKANS (SNAKE) ransomware operators, the group that also targeted Honda earlier this week.

OT Cybersecurity - Are Power Transformers Hackable -
(T)he Chinese company making the transformers is a business, and a very big one. If they would be caught tampering with the power transformers then that is bad for business. Can they intentionally leave some vulnerabilities in the system, theoretically yes but since multiple parties (the delivery contains also non-Chinese parts) are involved it is not likely to happen. But I have seen enough food for a more detailed analysis and inspection to find it very acceptable that also power transformers are assessed for their OT security posture when used in critical infrastructure.

So on the question are power transformers hackable, my vote would be yes. On the question will Sandia find any malicious tampering, my vote would be no. Good to run an inspection but bad to create so much fuss around it.

This appears to be another response to a series of blog posts that Joe Weiss posted on his Unfettered blog. He has been silent for a couple of weeks now but last week's Little Bobby cartoon appeared to take a swipe at his assertions. This article agrees with Weiss's basic premise but appears to disagree on the probability of it occurring.

Cybersecurity researchers at Reason Labs, the threat research arm of security solutions provider Reason Cybersecurity, today disclosed details of a vulnerability they recently discovered in the Facebook Messenger application for Windows.

The vulnerability, which resides in Messenger version 460.16, could allow attackers to leverage the app to potentially execute malicious files already present on a compromised system in an attempt to help malware gain persistent/extended access.


The committee released a summary June 11 of the annual defense policy bill for fiscal year 2021. The bill, which passed the committee June 10, also adopts several recommendations made by the Cyberspace Solarium Commission, a bipartisan organization created in 2019 to develop a multipronged U.S. cyber strategy.

Among items the panel approved is giving the Principal Cyber Advisor more responsibility related to integration and coordination to ensure that DoD’s cyber policies are coherent and cohesive.

Video conferencing service Zoom has apologized for yielding to Chinese government pressure and suspending U.S.-based user accounts that commemorated the anniversary of the Tiananmen Square massacre in China.

The apology comes after an uproar from human rights activists and U.S. lawmakers for Zoom’s role in suppressing dissent outside of mainland China. At the request of the Chinese government, Zoom shut down three video meetings marking the anniversary. Some of the meeting organizers were based in the U.S. and in Hong Kong.

Just because Twitter is banned in mainland China doesn’t mean Beijing won’t use it to influence public opinion around the world.

Twitter announced Thursday it removed 23,750 accounts linked to Chinese-backed propaganda campaigns. Those accounts made up the core of the effort, the company said, while another 150,000 sought to amplify the content on those core accounts. Much of the activity was aimed at undermining pro-democracy protests in Hong Kong, the coronavirus pandemic and discrediting Chinese dissidents, researchers found.






