Vulnerability & Threat Management

OT Threat Shamoon Returns with its Biggest Attack Yet

December 28th, 2018 | Threat Intelligence

Notorious OT threat Shamoon returned with its third iteration in December, wiping the disks of hundreds of computers in an attack that started at oil giant Saipem.

Shamoon 3: Here's What Happened

Over the last 7 years, the notoriety of disk-wiping malware "Shamoon" (also known as "Disttrack") has grown. It has been implicated in three [...]

Zero-Day Attack on Russia Prompts OOB Patches

December 7th, 2018 | Threat Intelligence

A targeted zero-day attack on Russia centered around a bug in Adobe Flash Player, but carried on the back of a malicious “mule” document, prompting both Adobe and Microsoft to release patches.

The Zero-Day Attack on Russia: What Happened?

In the early hours of November 29, 2018, a professional questionnaire issued by a Russian medical [...]

Bleedingbit Vulnerabilities Could Affect Enterprises Worldwide

November 8th, 2018 | Vulnerability & Threat Management

On November 1, 2018, researchers from Armis revealed two severe vulnerabilities, known as Bleedingbit, which could be used to carry out remote code execution attacks on enterprise firms worldwide. The Bleedingbit vulnerabilities impact Bluetooth Low Energy chips built by Texas Instruments (TI) that are used in millions of Cisco and Aruba wireless access points (APs). Although [...]

Foreshadow Vulnerabilities Impact Siemens Products

October 16th, 2018 | Vulnerability & Threat Management

Foreshadow and its derivatives, which allow unintended reads of the most isolated and secure microprocessor memory, are as ubiquitous as modern Intel chips. Operational technology (OT) systems, including many in the Siemens industrial and automation portfolios, incorporate the vulnerable chips.

Foreshadow Vulnerabilities and Timeline

On August 14, 2018, Intel took part in the coordinated disclosure [...]

TSMC WannaCry Hits OT Plants with a Hefty Price Tag

October 8th, 2018 | Vulnerability & Threat Management

The TSMC WannaCry attack may feel like déjà vu, but it’s a lesson in vulnerability management. You may never have heard of Taiwan Semiconductor Manufacturing Company (TSMC), but you’ve probably used their product. TSMC is Apple’s sole wafer supplier. And in August, they got hit with a WannaCry nearly a year and a half [...]

Android API Vulnerability Exposes Sensitive Customer Information

September 10th, 2018 | Vulnerability & Threat Management

Researchers from Nightwatch Cybersecurity have discovered an Android API vulnerability (CVE-2018-9489) in the Google Android OS which exposes sensitive information about the user’s device to any app that’s installed on the phone — regardless of whether the app requires that data to function. The sensitive information passes via a system broadcast and includes the WiFi network [...]

MikroTik Routers Infected in Mass-Scale Coinhive Cryptojacking Campaign

August 21st, 2018 | Threat Intelligence

A massive cryptojacking campaign that targets MikroTik routers and utilizes Coinhive was initially discovered on July 31 and has infected more than 200,000 routers worldwide. The Coinhive malware started spreading on routers in Brazil and later targeted MikroTik routers in other countries around the globe.

MikroTik Infection Process and Exploit Method

The infection exploited a [...]