Iran, Russia, China Target Water Systems for Sabotage
Nation-state attackers breach water systems through weak passwords, exposed PLCs, and poor segmentation — not sophisticated malware.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Nation-state attackers breach water systems through weak passwords, exposed PLCs, and poor segmentation — not sophisticated malware.
With multiple persistence mechanisms, the modular malware can brute-force passwords, drop payloads, and communicate over different protocols.
While still under development, the malware contains Turkish-language filenames, can record the screen and keystrokes, and inject custom overlays to steal passwords and sensitive data.
Checkmarx researchers warn that BlazeStealer can exfiltrate information, steal passwords, disable PCs, and take over webcams.
Threat intel experts see a reduced focus on desktop malware as threat groups prioritize passwords and tokens that let them access the same systems as remote workers.
Tools purporting to help organizations recover lost passwords for PLCs are really droppers for malware targeting industrial control systems, vendor says.