#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Havex malware | Breaking Cybersecurity News | The Hacker News

New Variant of Havex Malware Scans for OPC Servers at SCADA Systems

New Variant of Havex Malware Scans for OPC Servers at SCADA Systems

Jul 19, 2014
At the beginning of the month, we have reported about the new surge of a Stuxnet-like malware "Havex" , which was previously targeting organizations in the energy sector, had been used to carry out industrial espionage against a number of companies in Europe and compromised over 1,000 European and North American energy firms. Recently, researchers at security firm FireEye have discovered a new variant of Havex remote access Trojan that has capability to actively scan OPC ( Object linking and embedding for Process Control ) servers, used for controlling SCADA (Supervisory Control and Data Acquisition) systems in critical infrastructure, energy, and manufacturing sectors. OPC is a communications standard that allows interaction between Windows-based SCADA or other industrial control systems (ICS) applications and process control hardware. New Havex variant gathers system information and data stored on a compromised client or server using the OPC standard. OPC is pervasive and
Dragonfly Russian Hackers Target 1000 Western Energy Firms

Dragonfly Russian Hackers Target 1000 Western Energy Firms

Jul 02, 2014
Gone are the days when cyber criminals focuses only on PCs to spread malwares and target people, whether it's ordinary or a high profile person. Nowadays, organizations in the energy sector have become an interesting target for cyber minds. Few days ago, security researchers uncovered a Stuxnet-like malware, " Havex ", which was also programmed to infect industrial control system software of SCADA systems , with the capability to possibly disable hydroelectric dams, overload nuclear power plants, and even shut down a country's power grid with a single keystroke. RUSSIAN HACKERS HIT 1000 ENERGY FIRMS Recently, a Russian group of hackers known as ' Energetic Bear ' has compromised over 1,000 European and North American energy firms with a sophisticated cyber weapon, similar to Stuxnet, that gave hackers access to power plant control systems, said a security firm. The group of hackers also known as ' Dragonfly ', an eastern European collective that has been active since
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Stuxnet-like 'Havex' Malware Strikes European SCADA Systems

Stuxnet-like 'Havex' Malware Strikes European SCADA Systems

Jun 26, 2014
Security researchers have uncovered a new Stuxnet like malware, named as " Havex ", which was used in a number of previous cyber attacks against organizations in the energy sector. Just like Famous Stuxnet Worm , which was specially designed to sabotage the Iranian nuclear project, the new trojan Havex is also programmed to infect industrial control system softwares of SCADA and ICS systems, with the capability to possibly disable hydroelectric dams, overload nuclear power plants, and even can shut down a country's power grid with a single keystroke. According to security firm F-Secure who first discovered it as Backdoor:W32/Havex.A. , it is a generic remote access Trojan ( RAT ) and has recently been used to carry out industrial espionage against a number of companies in Europe that use or develop industrial applications and machines. SMARTY PANTS, TROJANIZED INSTALLERS To accomplish this, besides traditional infection methods such as exploit kits and spam emails,
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Cybersecurity Resources