Search Results for "watering hole"

crowdstrike energetic bear

FBI and Homeland Security dish Dirt on Critical Infrastructure Attacks

A new joint FBI-DHS report dishes the dirt on recent sophisticated attacks targeting the US energy grid and critical infrastructure, saying third party firms and web sites to gain access to energy and other critical infrastructure networks. It also names a sophisticated hacking group believed to be linked to the government of Russia. 

Security Ledger Turns 5!

I’m not much of one for milestones and the record will show that I’ve rarely taken the occasion to note significant Security Ledger dates. Actually, it would be more accurate to say that I’ve never noted them. But October 2nd marks what I consider an important one: the fifth anniversary of our first blog post. On October 2, 2012, this blog went live with a post on the VOHO watering hole attacks. That makes today – October 2, 2017, Security Ledger’s 5th birthday! So much has happened in the intervening years – and much remains the same. Sadly, we haven’t beat watering hole attacks, though maybe we talk about them less than we used to. The last five years have seen this blog focus more and more on the security of our physical world and the many, intelligent devices that inhabit it.  That has proven to be a very rich seam […]

industrial machinery

Seven Years After Stuxnet, Industrial Firms Still Lag on Security

In-brief: Seven years after the Stuxnet worm proved that attacks on industrial environments was possible, many industrial and manufacturing firms still lack basic elements of an effective information security strategy, a new report finds. 

Super Cookies, Web Analytics Behind Malicious Profiling

In-brief: FireEye is warning about a sophisticated campaign of online surveillance that combines web “super cookies” and common analytics software to target individuals with links to international diplomacy, the Russian government and the energy sector.

Supply Chain Hackers Use Short List of Techniques | Trend Micro

In-brief: Trend Micro notes that supply chain attacks are on the rise, with attackers relying on a short list of techniques including compromises of source code, firmware and so-called “watering hole” attacks.