The Monday Media Wrap Up: Petya, Power Plant Systems and Vulnerabilities, and Threat Intelligence

Share and earn Cybytes
Facebook Twitter LinkedIn Email

Articles from July 1-7

Ukraine calls out Russian involvement in Petya

ZDNet | Chris Duckett | July 3, 2017

Ukraine has said Russian security services were involved in the recent Petya cyber attack aimed at destroying its important data and spreading panic. Ukrainian politicians were quick to blame Russia for Tuesday’s attack but a Kremlin spokesman dismissed “unfounded blanket accusations”. Cyber security firms are trying to piece together who was behind the computer worm, dubbed NotPetya by some experts, which conked out computers across an estimated 60 countries, disrupted shipping, and shut down a chocolate factory in Australia.

Threat Intelligence Too Often Fails to Deliver

IT Business Edge | Sue Marquette Poremba | July 6, 2017

Organizations are doing more to prepare for potential data breaches and manage overall security, yet have far to go to implement effective security plans to keep up with cybersecurity threats. For example, last month, the Information Security Forum (ISF) released its report, Threat Intelligence: React and Prepare, which found that threat intelligence is often failing organizations. ISF said five common problems are causing this threat intelligence letdown, including: No common understanding/definition of threat intelligence; Very few able to identify all of the skills required for their threat intelligence capabilities, with large gaps in business implications; The ability to integrate threat intelligence into decision making; Management of threat intelligence capabilities; Uncertainty of how practical considerations, like the use of technologies or collaborations, affect threat intelligence.

Inside the rickety, vulnerable systems that run just about every power plant

CSO/ITworld | Josh Fruhlinger | July 7, 2017

The ways that attacks (like the Stuxnet attack by the US on Iran’s uranium enrichment facility) can still succeed against industrial infrastructure may alarm and unsettle you. The truth has less to do with the skills of the attackers and more to do with the rickety state of our industrial control systems. Small, embedded computers are what actually control industrial equipment, running more or less exclusively on … Windows XP machines, whose operating system is, of course, no longer supported by the manufacturer. If malware is deliberately aimed at industrial facilities, though, it can do some real damage. Once it infiltrates the network, it can set up a man in the middle attack and do all sorts of interesting and scary things, like convince a PLC to send signals to the control room indicating that everything is fine when it’s not (or vice versa).

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
About DomainTools
DomainTools helps security analysts turn threat data into threat intelligence. We take indicators from your network, including domains and IPs, and connect them with nearly every active domain on the Internet. Those connections inform risk assessments, help profile attackers, guide online fraud investigations, and map cyber activity to attacker infrastructure. Fortune 1000 companies, global government agencies, and leading security solution vendors use the DomainTools platform as a critical ingredient in their threat investigation and mitigation work. Learn more about how to connect the dots on malicious activity at
Promoted Content
The Distribution of Malicious Domains
In our previous reports, we profled malicious domains by describing patterns in theirregistration details: top level domain (TLD), free email provider, Whois privacy provider, andhosting location. In this edition, we compared the distributions of malicious domains vs neutraldomains across a measure of age (both of the domain and of the name server domain) anda measure of the entropy of the domain name. We also examined malicious domains acrossregistrars to fnd additional clues as to how and when these domains were registered.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?