The recent attack took down the entire corporate IT network of a Maritime Transportation Security Act (MTSA) regulated facility. According to U.S. Coast Guard, a phishing email was most likely the point of entry into the facility's network. The impacts on the facility included disruption of the entire corporate IT network, disruption of camera and physical access control systems, and loss of critical process control monitoring systems. Ryuk was first seen in August 2018 and has been responsible for multiple attacks globally so far.
Continue reading on Safety4sea
OceanLotus, a Vietnam-linked threat group also known as APT32 is believed to stand behind the recent cyber-attacks on automobile giants BMW and Hyundai, intended to find trade secrets. To get access to the BMW network, the hackers created a fake website that gave the impression of belonging to the BMW branch in Thailand. BMW's security team spotted the hackers after discovering an instance of “Cobalt Strike”, a well-known penetration testing tool on one of BMW’s computers. No sensitive information was accessed by hackers during the incident and no important servers were compromised. The same campaign also allegedly targeted South Korean carmaker Hyundai, but no additional information was provided.
Continue reading on Bleeping Computer
Echobot made a first appeared in mid-2019 is a new variant of Mirai malware family that is known for targeting IoT devices such as home routers and IP cameras. Echobot has been expanding constantly and now consists of 71 exploits that manipulate both new and old ICS vulnerabilities. The last version of Echobot adds an exploit for CVE-2019-14927, which targets Mitsubishi Electric‘s Remote Terminal Unit (RTU), a controller with remote access to communicate with SCADA systems in the oil and gas industry, power industry, and others.
Continue reading on F5
David Tinley who was convicted for inserting logic bombs into computer programs that he had designed for Siemens, received his sentence. Tinley was sentenced in federal court to a six-month term of imprisonment followed by a two-year term of supervised release, and a fine of $7,500 on his conviction. The logic bombs he used were made to ensure that the programs would malfunction after the expiration of a certain date. Siemens was unaware of the cause of the malfunction and hired Tinley to fix these malfunctions.
Continue reading on Business Insider