From time to time, there will be an overlap with malware infrastructure where one attacker will compromise another attacker’s infrastructure. Typically, this is part of the “compromised infrastructure” which can fluctuate, and attackers have even been seen to uninstall one another’s malware. However, in this case, we strongly believe that the actors are experimenting with Dridex, Pony, and Neutrino.
Awareness the best way to prevent phishing, expert says
Phishing, an online scamming method in which crooks send legitimate-looking emails to victims and ask for private data such as credit card info, is growing in popularity in the UK, a recent study suggests.
How a Canadian university is overhauling its approach to IT security
The day an organization is successfully attacked is memorable for most IT professionals. David Shipley has no trouble remembering the date of the one he faced as a Web site administrator at the University of New Brunswick.
Russian Hacking Group Sandworm Targeted US Before Knocking Out Power In Ukraine
It’s not every day that someone turns off the electricity for more than half a million people just by sending an email. In fact, it had never happened until last month, when hackers tricked Ukrainian power plant employees into giving them access to industrial control systems, the equivalent of a switch that regulates electricity flow out of a power plant.
Translation Update: How to Pwn an Electric Company (or Anyone Else, for That Matter)
1/13/2016 Update: The blog has been updated to reflect the translation of the BlackEnergy Word document.
On January 4th, ESET released an amazing blog post about the BlackEnergy Trojan being used to attack power companies in the Ukraine to knock out the power in some areas. While this is not the first time we’ve seen cyber attacks become kinetic, the BlackEnergy attacks could have been prevented.