Tag Archive for: visited

Oldsmar water hack came after city computer visited compromised website

/in


OLDSMAR, Fla. — An Oldsmar city computer reportedly visited a website hosting malicious code that targeted water utilities in the hours leading up to the city’s water treatment plan being hacked, a new report from the security firm Dragos said.

The Oldsmar water hack saw someone try to poison the water supply with lye, but it was discovered before any damage could be done. While the website ultimately didn’t play a role in the hack of the water supply system in Oldsmar, Dragos said the overall incident shined a light on IT security in the infrastructure in the United States.

The report, released Tuesday, found the website hosting the code was a Florida water utility contractor site. Dragos labeled the attack as a “watering hole attack.” According to the Computer Security Resource Center, a watering hole attack features an attacker “compromising a site likely to be visited by a particular group, rather than attacking the target group directly.”

In the case of the Oldsmar attack, Dragos found damaging code “inserted into the footer of a WordPress-based site associated with a Florida water infrastructure constructions company.” Dragos speculated the code was inserted through vulnerable WordPress plugins. Once the code was inserted into the legitimate site, the attackers began collecting information.

According to the Dragos report, the hack of the site started on December 20, 2020, and was on there until February 16, 2021. While the malicious code was live, the site interacted with “computers from municipal water utility customers, state and local government agencies, various water industry-related private companies, and normal internet bot and website crawler traffic.” Dragos said that over “1,000 end-user computers were profiled by the code” with most being in the U.S. and in the state of Florida.

For the Oldsmar attack, Dragos found a computer on a network belonging to the city went to the infected site at 9:49 a.m. on February 5, 2021. Dragos said the same network from the city was where an unknown actor, likely separate from the criminals who put the malicious code on the website, “reportedly compromised a water treatment control plant computer on the…

Source…

After Wendy’s credit card data breach, those who visited WNC locations may be affected – WLOS

/in

WLOS

After Wendy's credit card data breach, those who visited WNC locations may be affected
WLOS
WLOS — RALEIGH, N.C. — A malware data breach may leave people open to identity theft after it compromised information from Wendy's franchises in Cashiers and Cherokee, as well as other cities across the state.
Local Wendy's customers at risk from data breachBaxter Bulletin
Wendy's says more than 1000 restaurants were affected by hackers who stole card details in a data breach first …Daily Mail
Credit Card Breach Hits Various NJ Wendy's Restaurants; South Plainfield Location Not ImpactedTAPinto.net
WITN –Dearborn Press and Guide –Komando
all 44 news articles »

“data breach” – Google News

NSA Chief Visited Israel Secretly to Coordinate Cyber Warfare – The Jewish Press

/in

NSA Chief Visited Israel Secretly to Coordinate Cyber Warfare
The Jewish Press
National Security Agency chief, Admiral Michael Rogers, arrived in Israel last week on a work visit focusing on tightening relations with unit 8200 of IDF Intelligence on cyber warfare, especially against attacks by Iran and Hezbollah, Ha'aretz

and more »

cyber warfare – read more

My browser visited Weather.com and all I got was this lousy malware (Updated)

/in

Millions of people visiting weather.com, drudgereport.com, wunderground.com, and other popular websites were exposed to attacks that can surreptitiously hijack their computers, thanks to maliciously manipulated ads that exploit vulnerabilities in Adobe Flash and other browsing software, researchers said.

The malvertising campaign worked by inserting malicious code into ads distributed by AdSpirit.de, a network that delivers ads to Drudge, Wunderground, and other third-party websites, according to a post published Thursday by researchers from security firm Malwarebytes. The ads, in turn, exploited security vulnerabilities in widely used browsers and browser plugins that install malware on end-user computers. The criminals behind the campaign previously carried out a similar attack on Yahoo’s ad network, exposing millions more people to the same drive-by attacks.

Update: A few hours after Ars published this article, Malwarebytes updated the blog post to say the campaign had moved to yet another ad network, which happens to be associated with AOL. Visitors to eBay were among those who were exposed to the malicious ads distributed through the newly discovered network.

Read 3 remaining paragraphs | Comments


Ars Technica » Technology Lab