09-24-18 – News This Past Week

Legitimate RATs Pose Serious Risk to Industrial Systems
A report published on Friday by the security firm reveals that, on average, in the first half of 2018, legitimate RATs were found on more than two-thirds of computers used for industrial control systems (ICS).
https://www.securityweek.com/legitimate-rats-pose-serious-risk-industrial-systems

Rockwell Automation Patches Severe Flaws in Communications Software
RSLinx Classic is a widely used piece of software that allows organizations to connect Logix5000 programmable automation controllers to various Rockwell applications, including for data acquisition, programming, HMI interaction, and configuration apps. The product is used worldwide, mainly in the energy, critical manufacturing, and water and wastewater systems sectors
https://www.securityweek.com/rockwell-automation-patches-severe-flaws-communications-software

Threats posed by using RATs in ICS
Based on our analysis of KSN statistics, we were able to identify a number of attacks and malware infection attempts involving RATs installed on ICS computers. In most cases, attacks were based on the following scenarios (in the descending order of attack incidence)
https://securelist.com/threats-posed-by-using-rats-in-ics/88011/

Key weapon for closing IoT-era cybersecurity gaps? Artificial intelligence
As businesses struggle to combat increasingly sophisticated cybersecurity attacks, the severity of which is exacerbated by both the vanishing IT perimeters in today’s mobile and IoT era, and an acute shortage of skilled security professionals, IT security teams need a both a new approach and powerful new tools.
https://www.helpnetsecurity.com/2018/09/19/iot-era-cybersecurity-gaps/

Malicious hacking activity increasingly targeting critical infrastructure
In this podcast, Andrew Ginter, VP of Industrial Security at Waterfall Security Solutions, and Edward Amoroso, CEO of TAG Cyber, talk about how the traditional focus of most hackers has been on software, but the historical focus of crime is on anything of value
https://www.helpnetsecurity.com/2018/09/19/maliciuos-hacking-activity-increasingly-targeting-critical-infrastructure/

The Top 5 Security Threats & Mitigations for Industrial Networks
While vastly different than their IT counterparts, operational technology environments share common risks and best practices
https://www.darkreading.com/endpoint/the-top-5-security-threats-and-mitigations-for-industrial-networks-/a/d-id/1332816

Malware Samples Targeting IoT More Than Double in 2018
It’s no secret that connected devices are posing a security threat in the commercial, consumer and industrial worlds. A fresh report on this expanding threat landscape shows that attacks are accelerating, with MikroTik routers, Telnet password-cracking and the Mirai botnet dominating the proceedings
https://threatpost.com/threatlist-malware-samples-targeting-iot-more-than-double-in-2018/137528/

New trends in the world of IoT threats
Cybercriminals’ interest in IoT devices continues to grow: in H1 2018 we picked up three times as many malware samples attacking smart devices as in the whole of 2017. And in 2017 there were ten times more than in 2016. That doesn’t bode well for the years ahead
https://securelist.com/new-trends-in-the-world-of-iot-threats/87991/

Posted in Uncategorized.