DIRS.INFO The most relevant business & tech news

HARRISBURG, Pa. (AP) — A small western Pennsylvania water authority was just one of multiple organizations breached in the United States by Iran-affiliated hackers who targeted a specific industrial control device because it is Israeli-made, U.S. and Israeli authorities say. The group targeted the Unitronics devices at least since Nov. 22, it said. The advisory notes that Unitronics devices ship with a default password, a practice experts discourage as it makes them more vulnerable to hacking. It says the hackers likely accessed affected devices by “exploiting cybersecurity weaknesses, including poor password security and exposure to the internet.”Experts say many water utilities have paid insufficient attention to cybersecurity. Americans must know their drinking water and other basic infrastructure is safe from “nation-state adversaries and terrorist organizations,” U.S. Sens.

Persons: Matthew Mottes, CISA, Unitronics —, John Fetterman, Bob Casey, Chris Deluzio, Av3ngers, Sergey Shykevich, Unitronics, Biden Organizations: FBI, Environmental Protection Agency, Infrastructure Security Agency, Directorate, Associated Press, Municipal Water Authority, Islamic Revolutionary Guards Corps, ”, U.S . Justice Department, U.S . Rep Locations: HARRISBURG, Pa, Pennsylvania, United States, Iran, Israeli, Aliquippa, Israel, Gaza, U.S, Sens, Missouri , Arkansas, Iowa

The Aliquippa water authority's chairman, Matthew Mottes, said federal officials told him that hackers also breached four other utilities and an aquarium. The device breached in Pennsylvania was made by Israel-based Unitronics, according to the U.S. Cybersecurity and Infrastructure Security Agency. Known as a programmable logic controller, it is used across a wide spectrum of industries including water and sewage-treatment utilities, electric companies and oil and gas producers. Experts say many water utilities have paid insufficient attention to cybersecurity. In Pennsylvania, the hack prompted the water authority to temporarily halt pumping Saturday in a remote station that regulates water pressure for customers in two nearby towns.

Persons: John Fetterman, Bob Casey, Chris Deluzio, ”, ” Fetterman, Casey, Deluzio, General Merrick Garland, “, ‘, Israel ’, Matthew Mottes, We’ve, that’s, ” Mottes, Sergey Shykevich, Unitronics, Crews, Biden Organizations: U.S . Justice Department, U.S . Rep, Municipal Water Authority, Twitter, U.S, Cybersecurity, Infrastructure Security Agency, Environmental Protection Agency Locations: HARRISBURG, Pa, Pittsburgh, Sens, Pennsylvania, United States, Israel, Aliquippa , Pennsylvania, Iran, hacktivism, Gaza, U.S, Missouri , Arkansas, Iowa

☆ Israel’s cyber defense chief tells CNN he is concerned Iran could increase severity of its cyberattacks
▼ + stars: | 2023-11-06 | by ( Sean Lyngaas | ) edition.cnn.com time to read: +8 min

So far, suspected Iranian hackers appear to have had minimal impact on their publicly claimed targets in Israel in the last month. But Portnoy said those hackers have been relatively quiet in the latest Israel-Hamas war (Israeli airstrikes have decimated internet infrastructure in Gaza.) “There is a gap between their [cyber] capabilities and their rhetoric,” the official told CNN, referring to Iran-backed hackers. “Even the successful, real cyberattacks are probably not going to be about the actual attack,” John Hultquist, Mandiant’s chief analyst, told CNN. This campaign is “maybe the most sophisticated we have seen from Iran on a technological level,” Sergey Shykevich, threat intelligence group manager at Check Point, told CNN.

Persons: “, ”, Gaby Portnoy, ” Portnoy, Portnoy, –, Christopher Wray, ” Wray, ” Eric Goldstein, CrowdStrike, ” John Hultquist, “ It’s, Solomon, Israel, Adam Meyers, CrowdStrike’s, ” Meyers, Sergey Shykevich Organizations: CNN, Israel National Cyber Directorate, Lebanese, Hezbollah, Palo Alto Networks, Hamas, Infrastructure Security Agency, FBI, Boston Children’s Hospital, ” CNN, Iranian, United Nations, “, Islamic Revolutionary Guard Corps Locations: Iran, Israel, Saudi Arabia, East, Iranian, Syria, Iraq, Tehran, –, Palo, Gaza, Palestine, China, Russia

☆ It's not just you: Cybercriminals are also using ChatGPT to make their jobs easier
▼ + stars: | 2023-02-26 | by ( Hannah Getahun | ) www.businessinsider.com time to read: +8 min

ChatGPT can quickly generate targeted phishing emails or malicious code for malware attacks. AI companies could be held liable for chatbots counseling criminals since Section 230 may not apply. Sergey Shykevich, a lead ChatGPT researcher at cybersecurity company Checkpoint security, has already seen cybercriminals harness the AI's power to create code that can be used in a ransomware attack. In dealing with unlawful or criminal content on their sites from third-party users, most tech companies cite Section 230 of the Communications Decency Act of 1996. In addition, ChatGPT continues to implement guardrails to deter illegal activity, although these guardrails can often be sidestepped with the right script.

☆ 'Phishing-as-a-service' kits are driving an uptick in theft: What you can learn from one business owner's story
▼ + stars: | 2023-02-06 | by ( Dawn Giel | ) www.cnbc.com time to read: +11 min

While Christmas shopping for his young daughter, he received a call from a person claiming to be from the Chase fraud department and asking to verify a suspicious transaction. Unfortunately, for victim of these schemes, the bank isn't always required to repay the stolen funds. CNBC has reviewed Mullenaux's cellular records, bank account information, as well as images of the text message and link he was sent. He immediately drove to his local Chase bank branch where he was told he had likely been the victim of fraud. Legally, banks do not have to reimburse stolen funds when a customer is tricked into sending money to a cybercriminal.

Search resuls for: "Sergey Shykevich"

5 mentions found