IT / OT Security News

A cyberattack has disrupted the operation of gas stations throughout Iran, authorities confirmed on Monday.

Residents of a remote area on Ireland’s west coast were left without water last week due to a cyberattack perpetrated by a pro-Iran hacking group targeting a piece of equipment the hackers complained was made in Israel.

Researchers have discovered more than 20 security flaws affecting routers manufactured by the Canadian communications equipment vendor Sierra Wireless.

Municipal Water Authority of Aliquippa in Pennsylvania confirms that hackers took control of a booster station, but says no risk to drinking water or water supply.

The organization that manages wastewater for nine million people in and around Paris was hit with a cyberattack on Friday.

A malicious modified version of WhatsApp messenger predominantly targeting Arabic and Azeri speakers has been distributed on popular Telegram channels that have nearly two million subscribers.

Mandiant says Russia’s Sandworm hackers used a novel OT attack to cause power outages that coincided with mass missile strikes on critical infrastructure across Ukraine.

The domestic intelligence chiefs of the Five Eyes alliance warned businesses on Tuesday that they were seeing a “sharp rise” in attempts by hostile states to steal intellectual property.

A Mirai-based malware botnet has expanded its payload arsenal to aggressively target routers and other internet-facing devices, researchers have discovered.

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently hop around the corporate networks of U.S. and Japanese companies.

Symantec has identified a new advanced persistent threat (APT) actor that appears to be focusing exclusively on targeting critical national infrastructure organizations.

Israel's security agency is investigating a potential phone breach of opposition party lawmakers, according to local media reports.

Vulnerabilities identified in the OAS Platform could be exploited to bypass authentication, leak sensitive information, and overwrite files.

Researchers at Secureworks have come across a mysterious piece of malware that scans for nearby Wi-Fi access points in an effort to obtain the location of the infected device.

Here are three compelling reasons for a change of heart and mind—if not to protect yourself, then your loved ones. When we get a new phone, we automatic want to buy a protective case to protect its chassis.

U.S. regulators on Tuesday fined nine Wall Street companies, including Wells Fargo (WFC.N), opens new tab, BNP Paribas (BNPP.PA), opens new tab and Société Générale (SOGN.PA), opens new tab $549 million over employees' use of personal messaging apps to discuss deals, trades and other business.

Japanese imaging and optical products giant Canon on Monday warned that more than 200 of its inkjet printer models fail to properly erase Wi-Fi configuration settings.

More than 900,000 MikroTik routers are vulnerable to an issue that the company quietly patched late last week, according to researchers.

Operational technology giant Honeywell joined the Cybersecurity and Infrastructure Security Agency (CISA) Thursday in warning of several serious vulnerabilities affecting a line of industrial control tools used widely within the manufacturing industry.

Since at least May 2021, stealthy Linux malware called AVrecon was used to infect over 70,000 Linux-based small office/home office (SOHO) routers and add them to a botnet designed to steal bandwidth and provide a hidden residential proxy service.

Last month, emergency regulations were approved authorizing the IDF and the Shin Bet to penetrate the computers used to operate stationary cameras; Now the Ministry of Defense requests to extend those powers by at least six months.

Here are 10 tips to keep ourselves paranoid even when a secure network is available during travel or itinerant work errands.

Switzerland’s Federal Intelligence Service (FIS) is warning that cyberattacks conducted for espionage purposes — including those targeting critical infrastructure operators — are going to increase as a result of Western efforts to degrade Russia’s human intelligence networks in Europe.

Forescout Technologies has disclosed the details of vulnerabilities impacting operational technology (OT) products from Wago and Schneider Electric.

Here are four steps that organizations need to take and own to protect expanded corporate perimeters and guard against human error.

Russia's Federal Security Service (FSB) is accusing U.S. intelligence of hacking “thousands of Apple phones” to spy on Russian diplomats. According to FSB’s statement published on Thursday, the U.S. used previously unknown malware to target iOS devices.

Antivirus company Doctor Web has identified spyware in over 100 Android applications that had more that 421 million cumulative downloads in Google Play.

Samsung smartphone users have been warned by the vendor and the US Cybersecurity and Infrastructure Security Agency (CISA) about a recently patched vulnerability being exploited in attacks.

Crime victims, political donors and potential sources were targeted in digital searches that the FBI says have now been scaled back

The Justice Department on Tuesday announced a round of indictments accusing foreign nationals of attempting to illegally gain access to sensitive U.S. technologies, including the source code for Apple's autonomous driving system.

In March this year, Fortinet had had to release a patch for a zero day vulnerability (CVE-2022-41328) after being notified of sudden system halts and boot failures in its devices.

Security researchers are warning that two new Android trojans have been observed targeting users in Southeast and East Asia. One of them has amassed hundreds of thousands of installs via Google Play.

More than 80 countries have purchased spyware over the past decade, Britain’s cyber agency revealed in an intelligence assessment released Wednesday.

Over the past three years, one global cybersecurity firm has seen IoT attack levels surge by double digits despite experts’ warnings. In a three-year analysis of data from its own user base and threat intelligence telemetry, a cybersecurity firm has noted a sharp increase in cyberattacks targeting IoT devices.

A new Android malware named 'Goldoson' has infiltrated Google Play through 60 legitimate apps that collectively have 100 million downloads.

These Android TV boxes have been around just about as long as Android has. Odds are, you or someone you know has had one over the years.

Avoid using free charging stations in airports, hotels or shopping centers. Bad actors have figured out ways to use public USB ports to introduce malware and monitoring software onto devices. Carry your own charger and USB cord and use an electrical outlet instead.

Cybersecurity researchers have discovered a fundamental security flaw in the design of the IEEE 802.11 WiFi protocol standard, allowing attackers to trick access points into leaking network frames in plaintext form.

Android apps digitally signed by China’s third-biggest e-commerce company exploited a zero-day vulnerability that allowed them to surreptitiously take control of millions of end-user devices to steal personal data and install malicious apps, researchers from security firm Lookout have confirmed.

Proof-of-concept exploits for vulnerabilities in Netgear’s Orbi 750 series router and extender satellites have been released, with one flaw a critical severity remote command execution bug.

Akamai report highlights how widespread malware threats remain, noting the dangers of threats specific to DNS infrastructure.

Public Wi-Fi hotspots are almost everywhere. Be it a hotel, café, restaurant, or airport, you can get a free Wi-Fi connection in most public places.

The British government has announced a new body to help businesses and organizations to defend themselves against national security threats, including Chinese attempts at intellectual property theft.

Researchers have uncovered advanced malware that’s turning business-grade routers into attacker-controlled listening posts that can sniff email and steal files in an ongoing campaign hitting North and South America and Europe.

The United States is ratcheting up national security concerns about TikTok, mandating that all federal employees delete the Chinese-owned social media app from government-issued mobile phones. Other Western governments are pursuing similar bans, citing espionage fears.

Russian antiwar activists placed their faith in Telegram, a supposedly secure messaging app. How does Putin's regime seem to know their every move?

The European Union’s executive branch said Thursday that it has temporarily banned TikTok from phones used by employees as a cybersecurity measure, reflecting widening worries from Western officials over the Chinese-owned video sharing app.

Nearly four out every five apps in Google’s Play Store are not accurately reporting how they handle user data despite filling out required forms intended to increase transparency, researchers have found.

A new version of the SpyNote spyware can impersonate other apps and steal your social media and banking information. How can you protect yourself?

One evening last July, Mashy Meidan, 63 – a well-known figure in the corporate intelligence sphere – was contacted via an intermediary by an unknown foreign business adviser.

Using changing remote content, apps slide by official review process to deliver fraud through the Apple App Store and Google Play Store.

Apple’s product security response team on Monday rolled out patches to cover numerous serious security vulnerabilities affecting users of its flagship iOS and macOS platforms.

​

Threema comes with unusually strong claims. They crumble under new research findings.

The advanced persistent threat (APT) group known as StrongPity has targeted Android users with a trojanized version of the Telegram app through a fake website that impersonates a video chat service called Shagle.

Hackers are increasingly using a new variant of SpyNote malware to secretly observe and modify infected Android smartphones, according to research published by ThreatFabric on Monday.

Google announced on Tuesday the first Android security updates for 2023, which patch a total of 60 vulnerabilities.

Chinese tech giant Huawei patched nearly 300 vulnerabilities in its HarmonyOS operating system in 2022.

Huawei smartphones and other devices ran Android until 2019, when the US government barred American companies from selling software and technology to the Chinese firm.

The world and its borders are slowly opening up after strict Covid lockdowns, and people are looking forward to travelling again. While this is great and fun, keep in mind that you might be subject to random searches and highly invasive and traumatic experiences.