The main cybersecurity news of the week is a cyberattack on JBS Foods. Also in the Jet CSIRT collection is the backstage of The Standoff from the Jet Security Team and new vulnerabilities from Siemens. The news was chosen today by Alexander Akhremchik, a leading analyst of the center for monitoring and responding to incidents of information security Jet CSIRT of Jet Infosystems.
Read more under the cut.
Cyberattack stops Australia's largest meat processing company - JBS Foods
JBS Australia CEO Brent Eastwood confirmed the cyberattack that forced the organization to suspend production. He was unable to predict how long the slaughterhouses and other facilities of the company would be closed.
Later , a statement appeared on the official website of the FBI , according to which the REvil group (also known as Sodinokibi) was behind the attack on JBS. The Bureau urges every organization that has been the victim of a cyberattack to immediately notify the FBI through one of the offices. According to the latest reports , JBS is now ready to rebuild its operations after the incident.
Jet Security Team members spoke about Standoff 2021
Representatives of the Jet Security Team, the Jet Security Team, shared their experience of participating in The Standoff competition, which is held annually as part of the Positive Hack Days. Employees of Jet Infosystems talked about how they prepared for Confrontation, how the current The Standoff differed from the previous ones, and also shared life hacks that will be useful to those who plan to participate in the competition next year. The results of the Standoff are posted on The Standoff 365 website.
RCE vulnerability found in Siemens PLC
Siemens has released official updates to fix a serious vulnerability CVE-2020-15782 in SIMATIC S7-1200 and S7-1500 programmable logic controllers (PLCs). The exploitation of this vulnerability allows an attacker to gain remote access to protected areas of memory and execute arbitrary code. The problem was discovered by Claroty, who reverse engineered the MC7 / MC7 + bytecode used to execute PLC programs.