Security News > 2022 > November > Hackers breach energy orgs via bugs in discontinued web server
Microsoft said today that security vulnerabilities found to impact a web server discontinued since 2005 have been used to target and compromise organizations in the energy sector.
The attackers gained access to the internal networks of the hacked entities via Internet-exposed cameras on their networks as command-and-control servers.
While Recorded Future didn't expand on the attack vector, Microsoft said today that the attackers exploited a vulnerable component in the Boa web server, a software solution discontinued since 2015 that's still being used by IoT devices.
Boa being one of the components used for signing in and accessing the management consoles of IoT devices, significantly increases the risk of critical infrastructure being breached via vulnerable and Internet-exposed devices running the vulnerable web server.
Attackers can exploit these security flaws without requiring authentication to execute code remotely after stealing credentials by accessing files with sensitive information on the targeted server.
Tata Power breached using Boa web server vulnerabilities.
News URL
Related news
- Hackers exploit Ray framework flaw to breach servers, hijack resources (source)
- Chinese Earth Krahang hackers breach 70 orgs in 23 countries (source)
- Russia Hackers Using TinyTurla-NG to Breach European NGO's Systems (source)
- Finland confirms APT31 hackers behind 2021 parliament breach (source)
- Hackers Hit Indian Defense, Energy Sectors with Malware Posing as Air Force Invite (source)
- U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers (source)
- New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks (source)
- New HTTP/2 DoS attack can crash web servers with a single connection (source)
- Targus discloses cyberattack after hackers detected on file servers (source)
- Hacker claims Giant Tiger data breach, leaks 2.8M records online (source)