The Skybox View

22 03, 2019

LockerGoga Attack Hits Norsk Hydro, Stalls Production

March 22nd, 2019 | Critical Infrastructure

Norsk Hydro, a leading European aluminum company with operations in more than 50 countries, was hit by a LockerGoga ransomware attack on March 18. The attack was far-reaching, with Norsk Hydro’s chief financial officer Eivind Kallevik sharing that “the entire worldwide network is down, affecting our production as well as our office operations.” As a [...]

15 03, 2019

Cisco NX-OS and FXOS: 33 New Vulnerabilities in One Week

March 15th, 2019 | Vulnerability Assessment

Over the past week, we’ve seen Cisco publish a number of security advisories covering 29 vulnerabilities which affect Cisco NX-OS and four vulnerabilities which affect FXOS. Although there are not yet any reported active attacks leveraging these vulnerabilities, it’s crucial to be aware if any of these vulnerabilities exist within your network. What Risks do [...]

8 03, 2019

Google Reveals Rare macOS Zero-Day Vulnerability, BuggyCow

March 8th, 2019 | Threat Intelligence

On November 30, 2018, Google’s Project Zero researchers discovered BuggyCow, a high-severity security flaw in the macOS kernel. They gave Apple a 90-day deadline to patch the issue: a deadline that, in this instance, was missed. As a direct result of Apple’s inaction, Google’s team revealed details about the flaw and posted a proof-of-concept on March [...]

20 02, 2019

OT Networks Saw Attacks Continue to Rise in 2018

February 20th, 2019 | Critical Infrastructure

OT networks were under increasing attack last year, according to Skybox Security’s recently published 2019 Vulnerability and Threat Trends Report. In this blog, we examine why such attacks are on the rise, identify the roadblocks standing in the way of much-needed progress and give advice about how you can secure your OT network. OT Networks [...]

30 01, 2019

Kuwait Oil Company Spreadsheet Delivering OmniRAT to OT Networks

January 30th, 2019 | Threat Intelligence

A weaponized Excel file titled “Kuwait Oil Company Business Profile” breathes new life into an old vulnerability, raising concern for unsuspecting OT networks

29 01, 2019

Attacks on Cloud Networks Likely to Increase in 2019

January 29th, 2019 | Virtual and Cloud Network Security

In Skybox Security’s 2019 Vulnerability and Threat Trends Report, one of the key findings was the impact cloud networks could have on the attack surface.

Cyberattackers Targeting Cloud Infrastructure

Security of cloud networks — the responsibility of the cloud service provider (CSP) — is relatively strong. However, security within the cloud — the responsibility of [...]

18 01, 2019

Juniper Vulnerabilities Missed by a Number of Popular Scanners

January 18th, 2019 | Vulnerability Assessment

Vulnerabilities detailed in Juniper’s latest bulletin weren’t picked up quickly enough by some major scanners and the NVD.

Here's What Happened When Juniper Published its Bulletin

On January 9, Juniper published its scheduled security bulletin which detailed 18 fixes that mostly related to JunOS, the popular enterprise-grade operating system used for Juniper's routing, switching and [...]

28 12, 2018

OT Threat Shamoon Returns with its Biggest Attack Yet

December 28th, 2018 | Threat Intelligence

Notorious OT threat Shamoon returned with its third iteration in December, wiping the disks of hundreds of computers in an attack that started at oil giant Saipem.

Shamoon 3: Here's What Happened

Over the last 7 years, the notoriety of disk-wiping malware "Shamoon" (also known as "Disttrack") has grown. It has been implicated in three [...]