#operationaltechnology


Investigating Iranian Intrusion into Strategic Middle East Critical Infrastructure

This report details a prolonged Iranian state-sponsored intrusion into critical national infrastructure in the Middle East from May 2023 to February 2025. The threat actors employed various tactics including web shells, custom malware, and legitimate tools to maintain persistent access across multiple network segments. Key findings include the use of novel malware families like HanifNet and NeoExpressRAT, as well as extensive credential harvesting and lateral movement techniques. The intrusion demonstrated sophisticated evasion capabilities and targeted attempts to access operational technology networks. Forensic analysis revealed potential links to previously reported Iranian APT campaigns. The report provides detailed technical indicators and recommends enhanced logging, EDR deployment, and multi-factor authentication to defend against similar threats.

Pulse ID: 681a66fd8309a0fad22d97ae
Pulse Link: otx.alienvault.com/pulse/681a6
Pulse Author: AlienVault
Created: 2025-05-06 19:46:05

Be advised, this data is unverified and should be considered preliminary. Always do further verification.


The best ICS testing results don’t come from a single approach. Onsite testing has to be risk-averse, and lab testing can uncover deeper vulnerabilities. The key? A combined approach…
 
OT environments don't stand up to regular IT pen testing. Any pen tester that doesn't fully understand that could easily destroy systems and take out critical infrastructure.
 
By strategically selecting devices for lab testing based on onsite insights, you get the best of both worlds without unnecessary risk or cost.
 
In our latest blog, Head of Hardware Andrew Tierney explains how this method finds hidden threats in ICS networks: pentestpartners.com/security-b

Protection against attacks on operational technology

Interview with Cybershield

How can you best protect yourself against attacks on operational technology? Netzpalaver spoke about this in a remote interview with Christian Schlehuber, managing director at Cybershield.

#Betriebssicherheit #Cybersecurity #Cybershield #Netzwerksegmentierung #OperationalTechnology #OTSecurity #Security #SecurityAwareness #Sicherheitsbewusstsein

youtu.be/1Lm1b2MKrc4?si=kKNjnL via @YouTube