Cybersecurity

Threat Awareness – EvilExtractor: Potentially Legitimate Tool Leveraged for Malicious Intent

Fortinet has written a blog discussing the use of the EvilExtractor tool in a March 2023 phishing campaign targeting networks in America and Europe. EvilExtractor is claimed to be a legitimate education tool, but researchers discovered it being advertised on criminal markets as an information stealer. EvilExtractor is modular, giving it many capabilities, including the ability to steal and upload data, wipe logs, and install ransomware.

Read more about Threat Awareness – EvilExtractor: Potentially Legitimate Tool Leveraged for Malicious Intent

Supply Chain Threat Awareness – North Korean X_Trader Supply Chain Attack Targets Energy, Financial Sector

Symantec has written a blog discussing the X_Trader software supply chain attack that impacted critical infrastructure organizations in the United States and Europe, including the energy and financial sectors. X_Trader, developed by Trading Technologies, is typically used for futures trading but a North Korean threat group has been linked to malicious versions utilized to deploy a multi-stage modular backdoor onto victims' systems.

Read more about Supply Chain Threat Awareness – North Korean X_Trader Supply Chain Attack Targets Energy, Financial Sector

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 25, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

Keysight N8844A Data Analytics Web Service
Scada-LTS Third Party Component - Product used in the Energy Sector

Alerts, Updates, and Bulletins:

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 25, 2023

ICS/OT Ransomware Awareness – Dragos’s Most Recent Industrial Ransomware Analysis Highlights Rising Threat to Industrial Systems

Ransomware attacks continued to be a significant threat to industrial organizations and infrastructure with threat actors employing old and novel tactics to compromise victims, according to Dragos’ most recent first quarter of 2023 Industrial Ransomware Analysis report.

Read more about ICS/OT Ransomware Awareness – Dragos’s Most Recent Industrial Ransomware Analysis Highlights Rising Threat to Industrial Systems

WaterISAC Directors Describe Mission, Threats, and More in Recent Podcast

In a recent podcast, WaterISAC Director of Infrastructure Cyber Defense Jennifer Lyn Walker and Director of Preparedness and Response Charles Egli discussed WaterISAC’s background, mission, and evolution and the threats facing the water and wastewater sector.

Read more about WaterISAC Directors Describe Mission, Threats, and More in Recent Podcast

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 20, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

INEA ME RTU - Product used in Energy and Water and Wastewater Systems Sectors

Alerts, Updates, and Bulletins:

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 20, 2023

Cyber Resilience – CISA Announces Plans to Establish Logging Made Easy Service

The Cybersecurity and Infrastructure Security Agency (CISA) has announced plans to develop and establish Logging Made Easy (LME) tool, a service originally developed and maintained by the United Kingdom’s National Cyber Security Centre (NCSC-UK) until March 31, 2023.

Read more about Cyber Resilience – CISA Announces Plans to Establish Logging Made Easy Service

Threat Awareness – Iranian Threat Actor Mint Sandstorm Increasingly Targeting US Critical Infrastructure In 2023

Microsoft has posted a blog providing details on Mint Sandstorm, a threat actor group previously labeled PHOSPHORUS and who is believed to be associated with the Islamic Revolutionary Guard Corps, the intelligence arm of Iran’s military. Over the past year, the group has shifted from network reconnaissance activities to actively targeting U.S. critical infrastructure, including the energy, transportation systems, and chemical sectors.

Read more about Threat Awareness – Iranian Threat Actor Mint Sandstorm Increasingly Targeting US Critical Infrastructure In 2023

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 18, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 18, 2023

Threat Awareness – Qbot Malware Propagating via Email Hijacking

Qbot malware is once again propagating by exploiting companies email chains, allowing the threat actors behind the malware to compromise more victims and conduct other malicious activities, according to security researchers at Kaspersky.

Read more about Threat Awareness – Qbot Malware Propagating via Email Hijacking

You are here

Cybersecurity

Threat Awareness – EvilExtractor: Potentially Legitimate Tool Leveraged for Malicious Intent

Supply Chain Threat Awareness – North Korean X_Trader Supply Chain Attack Targets Energy, Financial Sector

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 25, 2023

ICS/OT Ransomware Awareness – Dragos’s Most Recent Industrial Ransomware Analysis Highlights Rising Threat to Industrial Systems

WaterISAC Directors Describe Mission, Threats, and More in Recent Podcast

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 20, 2023

Cyber Resilience – CISA Announces Plans to Establish Logging Made Easy Service

Threat Awareness – Iranian Threat Actor Mint Sandstorm Increasingly Targeting US Critical Infrastructure In 2023

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 18, 2023

Threat Awareness – Qbot Malware Propagating via Email Hijacking

Pages

You are here

Cybersecurity

Pages

Footer Email Signup