ICMP Archives - Cyber Security Minute

New PowerDrop Malware Targeting U.S. Aerospace Industry

Issued by: The Hacker News

An unknown threat actor has been observed targeting the U.S. aerospace industry with a new PowerShell-based malware called PowerDrop. “PowerDrop uses advanced techniques to evade detection such as deception, encoding, and encryption,” according to Adlumin, which found the malware implanted in an unnamed domestic aerospace defense contractor in May 2023. “The name is derived from…

Vulnerabilities

Many Healthcare, OT Systems Exposed to Attacks by NUCLEUS:13 Vulnerabilities

Issued by: Security Week

Collectively referred to as NUCLEUS:13, the issues likely affect safety-critical devices, such as anesthesia machines, patient monitors and other types of devices used in healthcare. Other types of operational technology (OT) systems are also impacted. The most important of the newly identified issues is CVE-2021-31886 (CVSS score of 9.8), a stack-based buffer overflow that exists…