2.2.3 New ICS Attack Framework "TRITON" In the middle of November 2017, the Dragos, Inc. team found malware tailor-made for ICSs and identified it as TRISIS (referred to as TRITON in this document) because it fixed its gaze on Schneider Electric's Triconex safety instrumented system (SIS), enabling the replacement of...
Blog
GitLab EE / CE Information Disclosure Vulnerability (CVE-2020-6832) Security Alert
Vulnerability Description On January 14th, GitLab officially released an important version update security notice, fixing a vulnerability (CVE-2020-6832) that could lead to private project information disclosure. GitLab is an open source project for a repository management system. It uses Git as a code management tool and a web service built...
Cybersecurity Insights-14
Analysis of IoT Attack Sources From NSFOCUS's IoT threat intelligence, we can associate DDoS attack events with IoT devices. Further analysis of IoT devices compared to source IP addresses of DDoS attacks found that 3.14% of DDoS attackers are IoT devices. Though this proportion is relatively small, the number of...
ICS Information Security Assurance Framework 7
2.2.2 Dragonfly 2.0 Malware The Dragonfly organization, also known as Energetic Bear, mainly carries out cyber espionage activities targeting electric power operators, major power generation enterprises, petroleum pipeline operators, and industrial equipment providers in the energy sector. According to a Joint Analysis Report (JAR) released by the Department of Homeland...
IP Reputation Report-01192020
Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses in the NSFOCUS IP Reputation databases as of January 19, 2020.
ICS Information Security Assurance Framework 6
2.2 ICS-Targeting Malware Analysis In recent years, more and more malware has targeted ICSs, causing increasingly severe damage. The following sections analyze major ICS-targeting malware.



