|
Watering Hole Attack
Watering hole is a computer attack strategy in which an attacker guesses or observes which websites an organization often uses and infects one or more of them with malware. Eventually, some member of the targeted group will become infected. Hacks looking for specific information may only attack users coming from a specific IP address. This also makes the hacks harder to detect and research.Symantec. Internet Security Threat Report, April 2016, p. 38 https://www.symantec.com/content/dam/symantec/docs/reports/istr-21-2016-en.pdf The name is derived from predators in the natural world, who wait for an opportunity to attack their prey near watering holes. Defense techniques Websites are often infected through zero-day vulnerabilities on browsers or other software. A defense against known vulnerabilities is to apply the latest software patches to remove the vulnerability that allowed the site to be infected. This is assisted by users to ensure that all of their software is running ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Attack (computing)
A cyberattack is any offensive maneuver that targets computer information systems, computer networks, infrastructures, or personal computer devices. An attacker is a person or process that attempts to access data, functions, or other restricted areas of the system without authorization, potentially with malicious intent. Depending on the context, cyberattacks can be part of cyber warfare or cyberterrorism. A cyberattack can be employed by sovereign states, individuals, groups, societies or organisations and it may originate from an anonymous source. A product that facilitates a cyberattack is sometimes called a cyber weapon. Cyber attacks have increased with an alarming rate for the last few years A cyberattack may steal, alter, or destroy a specified target by hacking into a susceptible system. Cyberattacks can range from installing spyware on a personal computer to attempting to destroy the infrastructure of entire nations. Legal experts are seeking to limit the use of the ter ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Energetic Bear
Berserk Bear (aka Crouching Yeti, Dragonfly, Dragonfly 2.0, DYMALLOY, Energetic Bear, Havex, IRON LIBERTY, Koala, or TeamSpy) is a Russian cyber espionage group, sometimes known as an advanced persistent threat. According to the United States, the group is composed of " FSB hackers," either those directly employed by the FSB or Russian civilian, criminal hackers coerced into contracting as FSB hackers while still freelancing or moonlighting as criminal hackers. Four accused Berserk Bear participants, three FSB staff and one civilian, have been indicted in the United States and are regarded by the United States Department of Justice as fugitives. Activities Berserk Bear specializes in compromising utilities infrastructure, especially that belonging to companies responsible for water or energy distribution. It has performed these activities in at least Germany and the U.S. These operations are targeted towards surveillance and technical reconnaissance. Berserk Bear has also targeted ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Advanced Persistent Threat
An advanced persistent threat (APT) is a stealthy threat actor, typically a nation state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period. In recent times, the term may also refer to non-state-sponsored groups conducting large-scale targeted intrusions for specific goals. Such threat actors' motivations are typically political or economic. Every major business sector has recorded instances of cyberattacks by advanced actors with specific goals, whether to steal, spy, or disrupt. These targeted sectors include government, defense, financial services, legal services, industrial, telecoms, consumer goods and many more. Some groups utilize traditional espionage vectors, including social engineering, human intelligence and infiltration to gain access to a physical location to enable network attacks. The purpose of these attacks is to install custom malware (malicious software). The median "dwell-time", the ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Attack Vector
In computer security, an attack vector is a specific path, method, or scenario that can be exploited to break into an IT system, thus compromising its security. The term was derived from the corresponding notion of vector in biology. An attack vector may be exploited manually, automatically, or through a combination of manual and automatic activity. Often, this is a multi-step process. For instance, malicious code (code that the user did not consent to being run and that performs actions the user would not consent to) often operates by being added to a harmless seeming document made available to an end user. When the unsuspecting end user opens the document, the malicious code in question (known as the payload) is executed and performs the abusive tasks it was programmed to execute, which may include things such as spreading itself further, opening up unauthorized access to the IT system, stealing or encrypting the user's documents, etc. In order to limit the chance of discovery ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Petya (malware)
Petya is a family of encrypting malware that was first discovered in 2016. The malware targets Microsoft Windows–based systems, infecting the master boot record to execute a payload that encrypts a hard drive's file system table and prevents Windows from booting. It subsequently demands that the user make a payment in Bitcoin in order to regain access to the system. Variants of Petya were first seen in March 2016, which propagated via infected e-mail attachments. In June 2017, a new variant of Petya was used for a global cyberattack, primarily targeting Ukraine. The new variant propagates via the EternalBlue exploit, which is generally believed to have been developed by the U.S. National Security Agency (NSA), and was used earlier in the year by the WannaCry ransomware. Kaspersky Lab referred to this new version as NotPetya to distinguish it from the 2016 variants, due to these differences in operation. In addition, although it purports to be ransomware, this variant was modi ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
CCleaner
CCleaner (, originally Crap Cleaner), developed by Piriform Software, is a utility used to clean potentially unwanted files and invalid Windows Registry entries from a computer. It is one of the longest-established system cleaners, first launched in 2004. It was originally developed for Microsoft Windows only, but in 2012, a macOS version was released. An Android version was released in 2014. Features CCleaner can delete potentially unwanted files left by certain programs, including Microsoft Edge, Internet Explorer, Firefox, Google Chrome, Opera, Safari, Windows Media Player, eMule, Google Toolbar, Netscape, Microsoft Office, Nero, Adobe Acrobat, McAfee, Adobe Flash Player, Sun Java, WinRAR, WinAce, WinZip and GIMP along with browsing history, cookies, recycle bin, memory dumps, file fragments, log files, system caches, application data, autocomplete form history, and various other data. The program includes a registry cleaner to locate and correct problems in the Windows ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Financial Supervision Authority (Poland)
The Polish Financial Supervision Authority (PFSA) ( pl, Komisja Nadzoru Finansowego (KNF)) is the financial regulatory authority for Poland. Its responsibilities include oversight of banking, capital markets, insurance, pension scheme and electronic money institutions. History The KNF was formed on 19 September 2006 pursuant to the Financial Market Supervision Act of 21 July 2006. The new supervisory body took over the tasks of the Insurance and Pension Funds Supervisory Commission and of the Securities and Exchange Commission (Poland), which were abolished pursuant to that act. From January 1, 2008, the second phase of the merger of financial supervision in Poland, the Polish FSA took over the powers of the Commission for Banking Supervision together with its office, the General Inspectorate of Banking Supervision. The FSA is a publicly financed entity serving as the single contact point and watchdog for all segments of the Polish financial market. It has been credited with ensu ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Web Server
A web server is computer software and underlying hardware that accepts requests via HTTP (the network protocol created to distribute web content) or its secure variant HTTPS. A user agent, commonly a web browser or web crawler, initiates communication by making a request for a web page or other resource using HTTP, and the server responds with the content of that resource or an error message. A web server can also accept and store resources sent from the user agent if configured to do so. The hardware used to run a web server can vary according to the volume of requests that it needs to handle. At the low end of the range are embedded systems, such as a router that runs a small web server as its configuration interface. A high-traffic Internet website might handle requests with hundreds of servers that run on racks of high-speed computers. A resource sent from a web server can be a preexisting file (static content) available to the web server, or it can be generated ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
United States Department Of Labor
The United States Department of Labor (DOL) is one of the executive departments of the U.S. federal government. It is responsible for the administration of federal laws governing occupational safety and health, wage and hour standards, unemployment benefits, reemployment services, and occasionally, economic statistics. It is headed by the Secretary of Labor, who reports directly to the President of the United States and is a member of the president's Cabinet. The purpose of the Department of Labor is to foster, promote, and develop the well being of the wage earners, job seekers, and retirees of the United States; improve working conditions; advance opportunities for profitable employment; and assure work-related benefits and rights. In carrying out this mission, the Department of Labor administers and enforces more than 180 federal laws and thousands of federal regulations. These mandates and the regulations that implement them cover many workplace activities for about 10 m ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Industrial Control System
An industrial control system (ICS) is an electronic control system and associated instrumentation used for industrial process control. Control systems can range in size from a few modular panel-mounted controllers to large interconnected and interactive distributed control systems (DCSs) with many thousands of field connections. Control systems receive data from remote sensors measuring process variables (PVs), compare the collected data with desired setpoints (SPs), and derive command functions that are used to control a process through the final control elements (FCEs), such as control valves. Larger systems are usually implemented by supervisory control and data acquisition (SCADA) systems, or DCSs, and programmable logic controllers (PLCs), though SCADA and PLC systems are scalable down to small systems with few control loops. Such systems are extensively used in industries such as chemical processing, pulp and paper manufacture, power generation, oil and gas processing, a ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Malware
Malware (a portmanteau for ''malicious software'') is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or which unknowingly interferes with the user's computer security and privacy. By contrast, software that causes harm due to some deficiency is typically described as a software bug. Malware poses serious problems to individuals and businesses on the Internet. According to Symantec's 2018 Internet Security Threat Report (ISTR), malware variants number has increased to 669,947,865 in 2017, which is twice as many malware variants as in 2016. Cybercrime, which includes malware attacks as well as other crimes committed by computer, was predicted to cost the world economy $6 trillion USD in 2021, and is increasing at a rate of 15% per year. Many types of malware exist, including computer viruses, worms, Trojan horses, ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Havex
Havex malware, also known as Backdoor.Oldrea, is a RAT employed by the Russian attributed APT group “Energetic Bear” or “Dragonfly." Havex was discovered in 2013 and is one of five known ICS tailored malware developed in the past decade. These malwares include Stuxnet, BlackEnergy, Industroyer/CRASHOVERRIDE, and TRITON/TRISIS. Energetic Bear began utilizing Havex in a widespread espionage campaign targeting energy, aviation, pharmaceutical, defense, and petrochemical sectors. The campaign targeted victims primarily in the United States and Europe. Discovery The Havex malware was discovered by cybersecurity researchers at F-Secure and Symantec and reported by ICS-CERT utilizing information from both of these firms in 2013. The ICS-CERT Alert reported analyzing a new malware campaign targeting ICS equipment via several attack vectors and using OPC to conduct reconnaissance on industrial equipment on the target network. Description The Havex malware has two primary comp ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
