Iranian Threat Actors Disrupt US Critical Infrastructure via Exposed PLCs
Attackers compromised Internet-facing OT devices and caused file and display manipulation, operational disruption, and financial losses across sectors.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Attackers compromised Internet-facing OT devices and caused file and display manipulation, operational disruption, and financial losses across sectors.
So far the attacks, which compromise virtual network computing (VNC) connections in OT systems, have not been particularly destructive, but this could change as they evolve.
OT environments rely on aging systems, shared accounts, and remote access, making weak or reused passwords a major attack vector. Specops Software explains how stronger password policies and continuous checks for compromised credentials help secure critical OT infrastructure. [...]
The prolonged attack, which lasted 300+ days, is the first known compromise of the US electric grid by the Voltzite subgroup of the Chinese APT; during it, the APT attempted to exfiltrate critical OT infrastructure data.
An Iranian state hacking group is using custom malware to compromise IoT and OT infrastructure in Israel and the United States. An attack wave from Islamic Revolutionary Guard Corps-affiliated "CyberAv3ngers" swept up fuel management systems made by U.S.-based firm Gilbarco Veeder-Root.
Iranian threat actors are utilizing a new malware named IOCONTROL to compromise Internet of Things (IoT) devices and OT/SCADA systems used by critical infrastructure in Israel and the United States. [...]
"Voltzite," the APT's subset that focuses on OT networks and critical infrastructure, has also compromised targets in Africa.
The U.S. government on Wednesday warned of nation-state actors deploying specialized malware to maintain access to industrial control systems (ICS) and supervisory control and data acquisition (SCADA) devices
Poisoned SCADA apps could have disrupted power supply – perhaps even at nuclear plants The United States Department of Justice has unsealed a pair of indictments that detail alleged Russian government hackers' efforts to use supply chain attacks and malware in an attempt to compromise and control critical infrastructure around the world – including at least one nuclear power plant.…