Threat Intelligence

28 12, 2018

OT Threat Shamoon Returns with its Biggest Attack Yet

By |2019-01-03T10:31:24-08:00December 28th, 2018|Threat Intelligence|

Notorious OT threat Shamoon returned with its third iteration in December, wiping the disks of hundreds of computers in an attack that started at oil giant Saipem. Shamoon 3: Here's What Happened Over the last 7 years, the notoriety of disk-wiping malware "Shamoon" (also known as "Disttrack") has grown. It has been implicated in three [...]

7 12, 2018

Zero-Day Attack on Russia Prompts OOB Patches

By |2019-03-08T12:58:41-08:00December 7th, 2018|Threat Intelligence|

A targeted zero-day attack on Russia centered around a bug in Adobe Flash Player, but carried on the back of a malicious “mule” document, prompting both Adobe and Microsoft to release patches. The Zero-Day Attack on Russia: What Happened? In the early hours of November 29, 2018, a professional questionnaire issued by a Russian medical [...]

21 08, 2018

MikroTik Routers Infected in Mass-Scale Coinhive Cryptojacking Campaign

By |2018-08-21T14:06:30-07:00August 21st, 2018|Threat Intelligence|

A massive cryptojacking campaign that targets MikroTik routers and utilizes Coinhive was initially discovered on July 31 and has infected more than 200,000 routers worldwide. The Coinhive malware started spreading on routers in Brazil and later targeted MikroTik routers in other countries around the globe. MikroTik Infection Process and Exploit Method The infection exploited a [...]

27 07, 2018

Oracle WebLogic Vulnerability Used for Cryptomining and Other Attacks

By |2018-07-30T09:23:30-07:00July 27th, 2018|Threat Intelligence|

A critical Oracle WebLogic vulnerability (CVE-2018-2893) is being utilized by attackers three days after the publication of a proof of concept. Since the sample exploit code was released, there has been a rise in its exploitation attempts. The vulnerability has received a "critical" severity level and a score of 9.8 out of 10 on the [...]