Industrial Security | Breaking Cybersecurity News | The Hacker News

USB drive attacks constitute a significant cybersecurity risk, taking advantage of the everyday use of USB devices to deliver malware and circumvent traditional network security measures. These attacks lead to data breaches, financial losses, and operational disruptions, with lasting impacts on an organization's reputation. An example is the Stuxnet worm discovered in 2010, a malware designed to target industrial control systems, specifically Iran's nuclear enrichment facilities. It exploited multiple zero-day vulnerabilities and spread primarily through USB drives, making it one of the first examples of a cyberattack with real-world physical effects. Stuxnet exposed the risks of removable media and raised global awareness of cybersecurity threats to critical infrastructure. How USB drive attacks propagate Attackers use various methods to deliver malicious payloads via USB drives, targeting individuals and organizations.  Drop attacks : Infected USB drives are deliberatel...

Various industrial organizations in the Asia-Pacific (APAC) region have been targeted as part of phishing attacks designed to deliver a known malware called FatalRAT. "The threat was orchestrated by attackers using legitimate Chinese cloud content delivery network (CDN) myqcloud and the Youdao Cloud Notes service as part of their attack infrastructure," Kaspersky ICS CERT said in a Monday report. "The attackers employed a sophisticated multi-stage payload delivery framework to ensure evasion of detection." The activity has singled out government agencies and industrial organizations, particularly manufacturing, construction, information technology, telecommunications, healthcare, power and energy, and large-scale logistics and transportation, in Taiwan, Malaysia, China, Japan, Thailand, South Korea, Singapore, the Philippines, Vietnam, and Hong Kong. The lure attachments used in the email messages suggest that the phishing campaign, dubbed Operation SalmonSla...

Details have emerged about multiple security vulnerabilities in two implementations of the Manufacturing Message Specification ( MMS ) protocol that, if successfully exploited, could have severe impacts in industrial environments. "The vulnerabilities could allow an attacker to crash an industrial device or in some cases, enable remote code execution," Claroty researchers Mashav Sapir and Vera Mens said in a new analysis. MMS is an OSI application layer messaging protocol that enables remote control and monitoring of industrial devices by exchanging supervisory control information in an application-agnostic manner. Specifically, it allows for communication between intelligent electronic devices ( IEDs ) and supervisory control and data acquisition (SCADA) systems or programmable logic controllers (PLCs). The five shortcomings identified by the operational technology security company impact MZ Automation's libIEC61850 library and Triangle MicroWorks' TMW IEC 61...