Lyceum.NET DNS Backdoor

Security Boulevard

Active since 2017, the Lyceum group is a state-sponsored Iranian APT group known for targeting Middle Eastern organizations in the energy and telecommunication sectors and relying mostly on .NET-based malware. The threat actor leverages the AutoClose() function to drop the DNS backdoor onto the system. Lyceum .NET DNS backdoor.


How Cobalt Strike Became a Favorite Tool of Hackers

eSecurity Planet

Cobalt Strike’s command-and-control protocol can use DNS-based communication, which is considerably harder to detect than classic HTTP traffic. It’s a clever way to hide malicious instructions in DNS entries using an obfuscation algorithm the Beacon can decode. While that’s true, it requires time, effort, and energy.


BlindEagle flying high in Latin America

SecureList

They have been targeting entities in multiple sectors, including governmental institutions, financial companies, energy and oil and gas companies, among others. Dynamic DNS services are used to resolve the addresses of the servers hosting the group’s malicious artifacts.


Research Uncovers Massive Number of IoT and IIoT Vulnerabilities

SecureWorld News

An attacker may use an affected device as a way to remain hidden within the network for years. This can be done by performing a MITM attack or DNS cache poisoning. How did the Ripple20 vulnerabilities become so widespread? An attacker could broadcast an attack capable of taking over all impacted devices in the network simultaneously.


IT threat evolution Q3 2021

SecureList

We have seen targeted attacks exploiting the vulnerability against companies in research and development, the energy sector and other major industries, banking, the medical technology sector, as well as telecoms and IT. That library was then loaded by the legitimate MsMpEng.exe using the DLL side-loading technique.


The State of Blockchain Applications in Cybersecurity

eSecurity Planet

Among their advantages, private blockchains are more scalable and energy-efficient, with suggested use cases in banking and supply chain management. More robust security for the Domain Name System (DNS). Using their open standard, Blockcerts, companies can transparently manage identities and activity on a real-time secure blockchain.


Kali Linux Penetration Testing Tutorial: Step-By-Step Process

eSecurity Planet

You may use a VPN, install utilities to capture and forward traffic to other subnets, or configure proxychains. Also, attack tools can send multiple probes or headers along with their requests (e.g., during scanning and discovery), which can be detected and blocked by security tools.