Top of The Cyber News

US Planted Malware on Russian Power Grid

Current and former US government officials say that US intelligence has placed malware in Russia’s electric power grid. While some support the increasingly aggressive cyber efforts, others are concerned that they could escalate tensions between the countries. The administration will not say what actions have been taken, but the authority to take them was granted to US Cyber Command last year.

Read more in:
U.S. Escalates Online Attacks on Russia’s Power Grid

XENOTIME Hacking Group is Targeting US Power Grid Networks

The same hacking group that used the TRISIS malware to launch a cyberattack against a Saudi Arabian petrochemical plant in 2017 is believed to have been infiltrating power grid networks in the US and countries in the Asia-Pacific region. ICS security firm Dragos, which calls the group XENOTIME, says that the hackers began scanning the networks late last year. The activity marks a shift for the group from targeting oil and gas companies to targeting electric power companies.

Read more in:
Threat Proliferation in ICS Cybersecurity: XENOTIME Now Targeting Electric Sector, in Addition to Oil and Gas

DHS Agency Issues BlueKeep Alert, Says Flaw Affects Windows 2000 (June 17, 2019)

The US Department of Homeland Security’s (DHS’s) Cybersecurity and Infrastructure Security Agency (CISA) has added its voice to the growing list of advisories urging Windows users to apply patches for the BlueKeep Remote Desktop Protocol vulnerability. CISA’s alert notes that it has determined that the BlueKeep issue also affects Windows 2000.

Read more in:
DHS Tests Remote Exploit for BlueKeep RDP Vulnerability
U.S. Govt Achieves BlueKeep Remote Code Execution, Issues Alert

The Exim Flaw is Being Actively Exploited; Microsoft Urges Patching (June 14 & 17, 2019)

A flaw in the Exim mail transfer agent (MTA) is being actively exploited to place cryptominers on vulnerable devices. The issue affects some Microsoft Azure customers, and the company is urging them to patch the flaw to protect against the spreading malware. Users should update to Exim version 4.92. Exim runs on more than half of all email servers worldwide.

Read more in:
Prevent the impact of a Linux worm by updating Exim (CVE-2019-10149)
