The Next Disruptive ICS Attacker: An Advanced Persistent Threat (APT)?

No discussion on ICS attacks could be complete without talking about what some would call, ‘the elephant in the room.’ Critical infrastructure has always been a target for warfare, and modern ICS are no exception. Several high-profile ICS disruptions have Read More …

US Census Bureau hacked in January 2020 using Citrix exploit

US Census Bureau servers were breached on January 11, 2020, by hackers who exploited a Citrix ADC zero-day vulnerability as the US Office of Inspector General (OIG) disclosed in a recent report. “The purpose of these servers was to provide Read More …

CISA Alert: BadAlloc Vulnerability Affecting BlackBerry QNX RTOS

On August 17, 2021, BlackBerry publicly disclosed that its QNX Real Time Operating System (RTOS) is affected by a BadAlloc vulnerability—CVE-2021-22156. BadAlloc is a collection of vulnerabilities affecting multiple RTOSs and supporting libraries.[1] A remote attacker could exploit CVE-2021-22156 to Read More …

Govt hackers impersonate HR employees to hit Israeli targets

Hackers associated with the Iranian government have focused attack efforts on IT and communication companies in Israel, likely in an attempt to pivot to their real targets. The campaigns have been attributed to the Iranian APT group known as Lyceum, Read More …

Hive ransomware attacks Memorial Health System, steals patient data

In what appears to be an attack from the Hive ransomware gang, computers of the non-profit Memorial Health System have been encrypted, forcing staff to work with paper charts. The attack occurred early Sunday morning and the IT department detected Read More …

How Pipeline Owners and Operators Can Fulfill the TSA’s Second Security Directive

Senior officials at the Department of Homeland Security (DHS), of which the TSA is a part, announced at the time of their security directive that they would soon require pipeline organizations to implement a new set of mandatory security controls Read More …

The Next Disruptive ICS Attacker: A Disgruntled Insider?

Often, the most critical threats come from within an organization itself. This is true for all sectors, but it is especially true for industrial control systems (ICS). Technicians in these environments already have access to plant controls and may have Read More …

Ransomware attack hits Italy’s Lazio region, affects COVID-19 site

The Lazio region in Italy has suffered a reported ransomware attack that has disabled the region’s IT systems, including the COVID-19 vaccination registration portal. Early Sunday morning, the Lazio region suffered a ransomware attack that encrypted every file in its Read More …

NSA, CISA release Kubernetes Hardening Guidance

FORT MEADE, Md. – The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity Technical Report, “Kubernetes Hardening Guidance,” today. This report details threats to Kubernetes environments and provides configuration guidance to minimize risk. Read More …

PwnedPiper critical bug set impacts major hospitals in North America

Pneumatic tube system (PTS) stations used in thousands of hospitals worldwide are vulnerable to a set of nine critical security issues collectively referred to as PwnedPiper. PTS solutions are part of a hospital’s critical infrastructure as they are used to Read More …