Another vulnerability in the same Windows component was abused by Stuxnet a decade ago. A vulnerability in a decades-old Windows component that controls printing on machines running the operating system could be abused by malicious actors to gain elevated privileges on the targeted system, according to security researchers Yarden Shafir and Alex Ionescu. The flaw, which … More Microsoft fixes vulnerability affecting all Windows versions since 1996
Do you know how attacks on national critical systems could also represent a threat to your business? The concept that cyber criminals can take out power grids or disrupt transport networks may once have been a movie script rather than news headlines. Yet in the last few years we’ve seen continued attacks on power grids … More How can critical infrastructure be targeted by malware?
ESET research reveals a successor to the infamous BlackEnergy APT group targeting critical infrastructure, quite possibly in preparation for damaging attacks. Recent ESET research has uncovered details of the successor of the BlackEnergy APT group, whose main toolset was last seen in December 2015 during the first-ever blackout caused by a cyberattack. Around the time … More GreyEnergy: Updated arsenal of one of the most dangerous threat actors
WeLiveSecurity sat down with David Harley to get a better understanding of Critical Infrastructure and the role he has played in the area throughout his career. [Editor] How did you come to be involved with Critical Infrastructure? [David Harley] I first took an interest in Critical Infrastructure (CI) when I started working on the security side … More Critical Infrastructure Interview with cyber-expert David Harley
The 2016 attack on Ukraine’s power grid that deprived part of its capital, Kiev, of power for an hour was caused by a cyberattack. ESET researchers have since analyzed samples of malware, detected by ESET as Win32/Industroyer, capable of performing exactly that type of attack. Whether the same malware was really involved in what cybersecurity … More Industroyer: Biggest threat to industrial control systems since Stuxnet
The Internet of Things (IoT) has been referred to by so many different names in the past year. The Internet of Terror, the Internet of Trash and a few other catchy monikers to account for the large amount of vulnerabilities present in new devices that are increasingly present in many homes. Things like smart thermostats, … More The Hive Mind: When IoT devices go rogue
Disconnected from the internet and without audio speakers and microphones, air-gapped computers may be the safest option for protecting an organization against security breaches, but as we know from the Stuxnet outbreak, they aren’t foolproof – a fact that researchers in Israel set out to explore. Scientists at the Cyber Security Research Center at Ben-Gurion University … More ‘Fansmitter’ malware can extract data from air-gapped computers