OT Security

Iranian cyber operation Emennet Pasargad was noted by the FBI, Department of Treasury, and the Israel National Cyber Directorate to have leveraged updated tradecraft, such as IP camera breaches and generative artificial intelligence, in recent attacks, including its compromise of the Summer Olympics.

Such elevated prevalence of online devices in the U.S. has been attributed to the highly decentralized nature of its health system, a report from Censys revealed.

China, the U.S., Canada, and Germany were most targeted by attacks with the Mirai source code-based Gorilla botnet, which involved the exploitation of UDP flood, Valve Source Engine flood, ACK BYPASS flood, ACK flood, and SYN flood techniques, as well as an old Apache Hadoop YARN RPC vulnerability, an analysis from NSFOCUS revealed.

The largest regulated water utility company in the U.S. said ‘unauthorized activity’ was detected last week.

Aside from ensuring OT system and process awareness, organizations should also strengthen cyber incident investigation and response efforts, bolster OT data protections, separate OT networks from IT networks, and include their vendors and managed service providers to their supply chain assurance programs.

Nearly 34% of over 198,000 internet-exposed devices affected by the CUPS flaws, tracked as CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, could be leveraged for DDoS attacks, which involve the delivery of a packet designating a target as an additional printer.