Roaming Mantis Campaign

What happened?
A new cyber campaign exploited poorly configured and vulnerable routers to infect several thousand Android smartphones. The malware, dubbed “Roaming Mantis”, infects Android smartphones by using DNS hijacking techniques as its distribution method. It is able to redirect users to malicious ...

ICS Summary for Week of October 27, 2017

Critical Vulnerabilities Found in SATCOM Systems
Researchers at IOActive have found two critical vulnerabilities in the AmosConnect 8 SATCOM systems. Created by telecommunications company Inmarsat, the AmosConnect 8 system provides access to e-mail, instant messages, position reporting, crew internet, automatic file transfer, and application integration ...

ICS Alerts and Advisories for Week of October 20, 2017

ICS-CERT Advisories:
ICSA-17-292-01 : SpiderControl MicroBrowser
ICSMA-17-292-01 : Boston Scientific ZOOM LATITUDE PRM Vulnerabilities
ICSA-17-290-01 : Progea Movicon SCADA/HMI
ICSA-17-285-01 : ProMinent MultiFLEX M10a Controller
ICSA-17-285-02 : WECON Technology Co., Ltd. LeviStudio HMI Editor
ICSA-17-285-03 : Envitech Ltd. EnviDAS Ultimate
ICSA-17-285-04 : NXP Semiconductors MQX RTOS
ICSA-17-285-05 : Siemens BACnet Field Panels
ICSA-17-283-01 : LAVA Computer MFG Inc. Ether-Serial Link
ICSA-17-283-02 : JanTek JTC-200

ICS Summary for Week of September 14, 2017

Syringe Infusion Pumps Vulnerable to Remote Attacks
ICS-CERT has published an advisory detailing eight vulnerabilities found in the Medfusion 4000 Wireless Syringe Infusion Pump manufactured by US-based device maker Smiths Medical. These systems are meant to deliver accurate small doses of medication to patients in critical ...

Global Weekly Executive Summary, 07 SEPT 2017

Equifax Breach | Ehdoor Info-stealing Malware

Equifax Breach affects 143 Million in the US
Credit reporting agency Equifax announced a massive data breach on 7 September that it says could potentially impact 143 million US customers.

Ehdoor/EHDevel info-stealing malware targets Pakistan and India
...

Global Weekly Executive Summary, 01 SEPT 2017

Turla Group, the Gazer Backdoor, and WhiteBear Activity
This week, two security researchers published reports relating to the well-known cyberespionage APT group, Turla. Security researchers from ESET, an IT security company based in Slovakia, wrote about a previously undocumented backdoor called Gazer which appears to be the ...

Hacking With Stickers

Deep Neural Network-based Classifiers Vulnerabilities
Researchers from the University of Washington have dived deep into the world of Deep Neural Network-based algorithms and classifiers and have identified various vulnerabilities in the machine learning code that allow for misclassification of input, leading to an undesired result. Their ...

ICS Executive Summary for Week of August 11, 2017

Solar Panels Vulnerable to Attacks
Dutch researcher Willem Westerhof revealed that he found a great number of vulnerabilities in solar panels widely used across Europe. Because the power grids in Europe are very intertwined, the exploitation of these vulnerabilities could allow an attacker to cause ...