Improved, Stuxnet-Like PLC Malware Aims to Disrupt Critical Infrastructure

Improved, Stuxnet-Like PLC Malware Aims to Disrupt Critical Infrastructure [TechWeb]( Follow Dark Reading: [RSS]( March 06, 2024 LATEST SECURITY NEWS & COMMENTARY [Improved, Stuxnet-Like PLC Malware Aims to Disrupt Critical Infrastructure]( A newly developed PLC malware does not require physical access to target an ICS environment, is mostly platform neutral, and is more resilient than traditional malware aimed at critical infrastructure. [BlackCat Goes Dark After Ripping Off Change Healthcare Ransom]( Source code fire sale, stiffing affiliates — are BlackCat admins intentionally burning their RaaS business to the ground? Experts say something's up. [Army Vet Spills National Secrets to Fake Ukrainian Girlfriend]( The retired US Army lieutenant colonel faces up to 10 years in prison if convicted of sharing secret information about the Russia-Ukraine war with a scammer posing as romantic connection. [Fast-Growing RA Ransomware Group Goes Global]( The rapidly evolving threat group uses high-impact tactics that include manipulating group policy to deploy payloads across environments. [North Korea Hits ScreenConnect Bugs to Drop 'ToddleShark' Malware]( North Korea's latest espionage tool is tough to pin down, with random generators that throw detection mechanisms off its scent. The DPRK is using the recent critical bugs in ConnectWise ScreenConnect, a remote desktop tool, to deliver the bug. [Navigating Biometric Data Security Risks in the Digital Age]( The use of biometrics is increasingly common for authentication, and organizations must make sure their data security solutions protect what may be a new goldmine for hackers. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Zero-Click GenAI Worm Spreads Malware, Poisoning Models]( 35 years after the Morris worm, we're still dealing with a version of the same issue: data overlapping with control. [Seoul Spies Say North Korea Hackers Stole Semiconductor Secrets]( The DPRK is using cyberattacks to steal designs and other data from South Korean microchip manufacturers, according to Seoul's National Intelligence Service. [What Cybersecurity Chiefs Need From Their CEOs]( By helping CISOs navigate the expectations being placed on their shoulders, CEOs can greatly benefit their companies. [CISO Corner: Operationalizing NIST CSF 2.0; AI Models Run Amok]( Dark Reading's roundup of strategic cyber-operations insights for chief information security officers and security leaders. Also this week: SEC enforcement actions, biometrics regulation, and painful encryption changes in the pike. [MORE]( PRODUCTS & RELEASES [Horizon3.ai Unveils Pentesting Services for Compliance Ahead of PCI DSS v4.0 Rollout]( [Boston Red Sox Choose Centripetal As Cyber Network Security Partner]( [Delinea Debuts Privilege Control for Servers: Thwarting Stolen Credentials and Lateral Movement]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Amex Customer Data Exposed in Third-Party Breach]( The breach occurred through a third-party service provider frequently used by the company's travel services division. LATEST FROM THE EDGE [Why Criminals Like AI for Synthetic Identity Fraud]( The wide availability of generative AI will make synthetic identity fraud even easier. Organizations need a multilayered defense to protect themselves. LATEST FROM DR TECHNOLOGY [The Challenges of AI Security Begin With Defining It]( Security for AI is the Next Big Thing! Too bad no one knows what any of that really means. LATEST FROM DR GLOBAL [Predator Spyware Operators Slapped With US Sanctions]( The US Treasury Department sanctioned Intellexa Consortium commercial surveillance leaders in an effort to deter Predator proliferation. WEBINARS - [Unbiased Testing. Unbeatable Results]( - [How Supply Chain Attacks Work -- And How to Stop Them]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [Cheat Sheet - 5 Strategic Security Checkpoints]( - [Understanding Today's Threat Actors]( - [Use the 2023 MITRE ATT&CK Evaluation Results for Turla to Inform EDR Buying Decisions]( - [Causes and Consequences of IT and OT Convergence]( - [Secure Access for Operational Technology at Scale]( - [Threat Intelligence: Data, People and Processes]( - [2023 Snyk AI-Generated Code Security Report]( [View More White Papers >>]( FEATURED REPORTS - [Industrial Networks in the Age of Digitalization]( - [Zero-Trust Adoption Driven by Data Protection]( - [How Enterprises Assess Their Cyber-Risk]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=121884&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_03.06.24&sp_cid=52361&utm_content=DR_NL_Dark%20Reading%20Daily_03.06.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#b0 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)