New, Dangerous Toolset from APT Threat Actor Can Seriously Disrupt Industrial Control Systems
Microsoft took down C2 servers from ZLoader botnet, Hacktivists used Conti gang's malware against Russia, Undersea cables were targeted in Hawaii, Hackers stole $11.2 million from Elephant DeFi, more
Metacurity is a reader-supported publication.
The Department of Energy, the Cybersecurity and Infrastructure Security Agency, the NSA, and the FBI jointly released an advisory about a new and dangerous hacker toolset developed by an unnamed APT actor that can potentially meddle with a wide range of industrial control system equipment.
The malware contains an array of components designed to disrupt or take control of the functioning of devices, including programmable logic controllers (PLCs) sold by Schneider Electric and OMRON, which are designed to serve as the interface between traditional computers and the actuators and sensors in industrial environments.
CISA says that the actors can also compromise Windows-based engineering workstations, which may be present in information technology (IT) or OT environments, using an exploit that compromises an ASRock motherboard driver with known vulnerabilities. A…