{"id":48036,"date":"2022-04-05T09:21:19","date_gmt":"2022-04-05T01:21:19","guid":{"rendered":"https:\/\/version-2.com\/?p=48036"},"modified":"2022-05-30T10:42:17","modified_gmt":"2022-05-30T02:42:17","slug":"your-weekly-ics-ot-security-news-digest-march-31st","status":"publish","type":"post","link":"https:\/\/version-2.com\/zh\/2022\/04\/your-weekly-ics-ot-security-news-digest-march-31st\/","title":{"rendered":"Your Weekly ICS \/ OT Security News Digest \u2013 March 31st"},"content":{"rendered":"\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

\"\"<\/p>\n\n

Our research team has put together all of the most relevant news topics in the ICS, IT, Ransomware & OT security fields, as well as their impacts and their expert recommendations:<\/p>\n

<\/div>\n

In this edition, it\u2019s all about ransomware!<\/p>\n

Ransomware<\/u><\/strong><\/h2>\n
    \n
  1. \n

    Title: Lapsus$ Extortion Group \u2013 Samsung, Okta, Microsoft, & Vodafone Breaches
    <\/h2>\n
    Description: Over the past few weeks, Lapsus$ group breached a number of international companies, including NVIDIA and Samsung (see previous newsfeed article<\/a>).
    An analysis of the leaked Samsung source code revealed that more than 6,600 secret keys<\/strong>, including private keys, usernames and passwords, AWS keys, Google keys, and GitHub keys, were leaked    [1]<\/a>.
    Okta, an identity management and authentication services provider, was also affected by a cyberattack claimed by the group<\/strong>, by compromising their thin client, a system that connects remotely into a virtual environment to carry out tasks    [2]<\/a>.
    The group successfully compromised Microsoft and released the source code of Microsoft\u2019s Azure DevOps server<\/strong> for various internal projects, including for Bing, Cortana, and Bing Maps    [3]<\/a>.
    Lapsus$ also claimed to have breached Vodafone, and threatened to leak the Vodafone source code<\/strong>. While this is still under investigation, the company claimed no customer data was stolen    [4]<\/a>.
    Attack Parameters: Lapsus$ compromise systems to steal source code, customer lists, databases, and other valuable data, then attempt to extort the victim with ransom demands not publicly to leak the data. They primarily focus on obtaining compromised credentials for initial access using the following methods    [5]<\/a>:\n
      \n
    1. Deploying Redline password stealer to obtain passwords and session tokens.<\/li>\n
    2. Buying credentials and session tokens on criminal underground forums.<\/li>\n
    3. Paying employees at targeted organizations for access to credentials and MFA approval.<\/li>\n
    4. Searching public code repositories for exposed credentials.<\/li>\n<\/ol>\n<\/li>\n<\/ol>\n

      The group also uses RDP and VDI to remotely access a business\u2019 environment. <\/p>\n

      Impact: <\/p>\n

        \n
      1. Samsung<\/strong> \u2013 it is unclear whether the keys compromise the TrustZone, which stores sensitive data and creates a security barrier for Android malware attacks.<\/li>\n
      2. Okta<\/strong> \u2013 The company claimed that only 2.5% of the customers were impacted by this attack. Lapsus$ responded to Okta\u2019s announcement and revealed that they did not compromise an Okta employee\u2019s laptop but their thin client[6]<\/a>.
        This attack potentially enables an attacker to provision themselves administrator-level access into Okta\u2019s customers\u2019 applications        [7]<\/a>. <\/li>\n
      3. Microsoft<\/strong> \u2013 no customer data was compromised. Microsoft released a statement that viewing the source code does not lead to elevation of risk.<\/li>\n<\/ol>\n

        SCADAfence Coverage: RDP connections can be tracked, monitored, and alerted upon with the User Activity Analyzer<\/a>.<\/p>\n

        Recommendations: Following are additional best practices recommendations:<\/p>\n

          \n
        1. Make sure that secure offline backups of critical systems are available and up-to-date.<\/li>\n
        2. Apply the latest security patches on the assets in the network.<\/li>\n
        3. Use unique passwords and multi-factor authentication on authentication paths to OT assets.<\/li>\n
        4. Encrypt sensitive data when possible.<\/li>\n
        5. Educate staff about the risks and methods of ransomware attacks and how to avoid infection.<\/li>\n<\/ol>\n
            \n
          1. \n

            Title: Bridgestone America\u2019s Ransomware Attack
            <\/h2>\n
            Description: Bridgestone America was hit by a ransomware attack which caused it to shut down the computer network and production at its factories in North and Middle<\/strong> America<\/strong> for about a week. LockBit claimed this attack            [8]<\/a>.

            Attack Parameters: \n
              \n
            1. Initial Access<\/strong> \u2013 LockBit operators often gain access via compromised servers, RDP accounts, spam email or by brute forcing insecure RDP or VPN credentials.<\/li>\n
            2. Execution<\/strong> \u2013 LockBit is executed via command line or created scheduled tasks.<\/li>\n
            3. Credential Access<\/strong> \u2013 LockBit was observed using Mimikatz to gather credentials.<\/li>\n
            4. Lateral Movement<\/strong> \u2013 LockBit can self-propagate using SMB. PsExec and Cobalt Strike were used to move laterally within the network[9]<\/a>.<\/li>\n<\/ol>\n<\/li>\n<\/ol>\n

              Impact: Manufacturing and retreading facilities in Latin America and North America were disconnected to contain the attack and prevent potential impact. Bridgestone is a major supplier of tires for Toyota vehicles, and was a part of a supply chain attack on Toyota.
              <\/p>\n

              SCADAfence Coverage: <\/p>\n

                \n
              1. The SCADAfence Platform<\/a> detects command execution using CMD and the creation of scheduled tasks.<\/li>\n
              2. The SCADAfence Platform also detects the use of Mimikatz, PsExec, and Cobalt Strike.<\/li>\n
              3. RDP and SMB connections can be tracked with the User Activity Analyzer<\/a>.<\/li>\n<\/ol>\n

                Recommendations: Following are additional best practices recommendations:<\/p>\n

                  \n
                1. Make sure that secure offline backups of critical systems are available and up-to-date.<\/li>\n
                2. Apply the latest security patches on the assets in the network.<\/li>\n
                3. Use unique passwords and multi-factor authentication on authentication paths to OT assets.<\/li>\n
                4. Encrypt sensitive data when possible.<\/li>\n
                5. Educate staff about the risks and methods of ransomware attacks and how to avoid infection.<\/li>\n<\/ol>\n
                    \n
                  1. \n

                    Title: AvosLocker Ransomware is Targeting U.S. Critical Infrastructure
                    <\/h2>\n
                    Description: The FBI released an advisory which includes IOCs used to detect and block AvosLocker<\/strong>, a RaaS (Ransomware as a Service) affiliate-based group that has targeted multiple critical infrastructure sectors in the United States including financial services, critical manufacturing, and government facility sectors                    [10]<\/a>.
                    Targets: The AvosLocker leak site claims to have hit victims in the United States, Syria, Saudi Arabia, Germany, Spain, Belgium, Turkey, the United Arab Emirates, the United Kingdom, Canada, China, and Taiwan.
                    Attack Parameters: AvosLocker encrypts files and steals sensitive information to convince the victim to pay the ransom. The attackers may also launch DDoS attacks against the victim during negotiations                    [11]<\/a>.
                    Impact: Unknown due to limited information published.

                    <\/li>\n<\/ol>\n

                    Recommendations: The FBI advised against paying a ransom, and encouraged businesses to report any ransomware attacks to help prevent future incidents. An advisory was published providing IOCs that can be used to detect and defend against this ransomware.
                    Following are additional best practices recommendations:<\/p>\n

                      \n
                    1. Make sure that secure offline backups of critical systems are available and up-to-date.<\/li>\n
                    2. Apply the latest security patches on the assets in the network.<\/li>\n
                    3. Use unique passwords and multi-factor authentication on authentication paths to OT assets.<\/li>\n
                    4. Encrypt sensitive data when possible.<\/li>\n
                    5. Educate staff about the risks and methods of ransomware attacks and how to avoid infection.<\/li>\n<\/ol>\n

                      Additional resources to the aforementioned updates:<\/p>\n

                      [1]<\/a> https:\/\/www.securityweek.com\/thousands-secret-keys-found-leaked-samsung-source-code<\/a><\/p>\n

                      [2]<\/a> https:\/\/www.bleepingcomputer.com\/news\/security\/okta-confirms-25-percent-customers-impacted-by-hack-in-january\/<\/a>, https:\/\/thehackernews.com\/2022\/03\/lapsus-hackers-claim-to-have-breached.html<\/a><\/p>\n

                      [3]<\/a> https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-confirms-they-were-hacked-by-lapsus-extortion-group\/<\/a>, https:\/\/www.bleepingcomputer.com\/news\/security\/microsoft-investigating-claims-of-hacked-source-code-repositories\/<\/a><\/p>\n

                      [4]<\/a> https:\/\/securityaffairs.co\/wordpress\/128903\/cyber-crime\/vodafone-investigates-data-breach.html?<\/a><\/p>\n

                      [5]<\/a> https:\/\/thehackernews.com\/2022\/03\/microsoft-and-okta-confirm-breach-by.html<\/a><\/p>\n

                      [6]<\/a> https:\/\/securityaffairs.co\/wordpress\/129422\/data-breach\/okta-says-375-customers-impacted-by-data-breach.html?<\/a><\/p>\n

                      [7]<\/a> https:\/\/www.darkreading.com\/attacks-breaches\/ransomware-group-s-claim-that-it-hacked-okta-prompts-concerns-of-another-solarwinds<\/a><\/p>\n

                      [8]<\/a> https:\/\/threatpost.com\/bridgestone-hit-as-ransomware-torches-toyota-supply-chain\/178998\/<\/a><\/p>\n

                      [9]<\/a> https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/ransomware-spotlight\/ransomware-spotlight-lockbit#:~:text=LockBit%20first%20emerged%20as%20the,it%20for%20the%20long%20haul<\/a>.<\/p>\n

                      [10]<\/a> https:\/\/www.bleepingcomputer.com\/news\/security\/fbi-avoslocker-ransomware-targets-us-critical-infrastructure\/<\/a><\/p>\n

                      [11]<\/a> https:\/\/www.securityweek.com\/us-critical-infrastructure-targeted-avoslocker-ransomware<\/a><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

                      \n\t\t\t\t
                      \n\t\t\t\t\t\t\t
                      \t\t
                      \n\t\t\t\t\t\t
                      \n\t\t\t\t\t\t
                      \n\t\t\t\t\t
                      \n\t\t\t
                      \n\t\t\t\t\t\t
                      \n\t\t\t\t
                      \n\t\t\t\t\t

                      About Version 2 Digital<\/h3>

                      Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n

                      \nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t

                      \n\t\t\t\t\t\t
                      \n\t\t\t\t\t\t
                      \n\t\t\t\t\t
                      \n\t\t\t
                      \n\t\t\t\t\t\t
                      \n\t\t\t\t
                      \n\t\t\t\t\t\t\t\t\t

                      <\/p>\n

                      About SCADAfence<\/strong>
                      SCADAfence helps companies with large-scale operational technology (OT) networks embrace the benefits of industrial IoT by reducing cyber risks and mitigating operational threats. Our non-intrusive platform provides full coverage of large-scale networks, offering best-in-class detection accuracy, asset discovery and user experience. The platform seamlessly integrates OT security within existing security operations, bridging the IT\/OT convergence gap. SCADAfence secures OT networks in manufacturing, building management and critical infrastructure industries. We deliver security and visibility for some of world\u2019s most complex OT networks, including Europe\u2019s largest manufacturing facility. With SCADAfence, companies can operate securely, reliably and efficiently as they go through the digital transformation journey.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

                      Our research team has put together all of the most rele […]<\/p>\n","protected":false},"author":143524195,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[488,417,61],"tags":[418,489],"class_list":["post-48036","post","type-post","status-publish","format-standard","hentry","category-488","category-scadafence","category-press-release","tag-scadafence","tag-489"],"acf":[],"yoast_head":"\nYour Weekly ICS \/ OT Security News Digest \u2013 March 31st - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.scadafence.com\/your-weekly-ics-\/-ot-security-news-digest-march-31st\" \/>\n<meta property=\"og:locale\" content=\"zh_HK\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Your Weekly ICS \/ OT Security News Digest \u2013 March 31st - Version 2\" \/>\n<meta property=\"og:description\" content=\"Our research team has put together all of the most rele […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.scadafence.com\/your-weekly-ics-\/-ot-security-news-digest-march-31st\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2022-04-05T01:21:19+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-05-30T02:42:17+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/i0.wp.com\/blog.scadafence.com\/hubfs\/SCADAfence%20Ransomware%20ICS%20Newsfeed.png?w=958&ssl=1\" \/>\n<meta name=\"author\" content=\"version2hk\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"version2hk\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9810\u8a08\u95b1\u8b80\u6642\u9593\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 \u5206\u9418\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/blog.scadafence.com\\\/your-weekly-ics-\\\/-ot-security-news-digest-march-31st#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/04\\\/your-weekly-ics-ot-security-news-digest-march-31st\\\/\"},\"author\":{\"name\":\"version2hk\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/d14d2d3cd77ffdb618b9f1330fe084db\"},\"headline\":\"Your Weekly ICS \\\/ OT Security News Digest \u2013 March 31st\",\"datePublished\":\"2022-04-05T01:21:19+00:00\",\"dateModified\":\"2022-05-30T02:42:17+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/04\\\/your-weekly-ics-ot-security-news-digest-march-31st\\\/\"},\"wordCount\":1053,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/blog.scadafence.com\\\/your-weekly-ics-\\\/-ot-security-news-digest-march-31st#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/blog.scadafence.com\\\/hubfs\\\/SCADAfence%20Ransomware%20ICS%20Newsfeed.png?w=958&ssl=1\",\"keywords\":[\"SCADAfence\",\"2022\"],\"articleSection\":[\"2022\",\"SCADAfence\",\"Press Release\"],\"inLanguage\":\"zh-HK\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/04\\\/your-weekly-ics-ot-security-news-digest-march-31st\\\/\",\"url\":\"https:\\\/\\\/blog.scadafence.com\\\/your-weekly-ics-\\\/-ot-security-news-digest-march-31st\",\"name\":\"Your Weekly ICS \\\/ OT Security News Digest \u2013 March 31st - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/blog.scadafence.com\\\/your-weekly-ics-\\\/-ot-security-news-digest-march-31st#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/blog.scadafence.com\\\/your-weekly-ics-\\\/-ot-security-news-digest-march-31st#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/blog.scadafence.com\\\/hubfs\\\/SCADAfence%20Ransomware%20ICS%20Newsfeed.png?w=958&ssl=1\",\"datePublished\":\"2022-04-05T01:21:19+00:00\",\"dateModified\":\"2022-05-30T02:42:17+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/blog.scadafence.com\\\/your-weekly-ics-\\\/-ot-security-news-digest-march-31st#breadcrumb\"},\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/blog.scadafence.com\\\/your-weekly-ics-\\\/-ot-security-news-digest-march-31st\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/blog.scadafence.com\\\/your-weekly-ics-\\\/-ot-security-news-digest-march-31st#primaryimage\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/blog.scadafence.com\\\/hubfs\\\/SCADAfence%20Ransomware%20ICS%20Newsfeed.png?w=958&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/blog.scadafence.com\\\/hubfs\\\/SCADAfence%20Ransomware%20ICS%20Newsfeed.png?w=958&ssl=1\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/blog.scadafence.com\\\/your-weekly-ics-\\\/-ot-security-news-digest-march-31st#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Your Weekly ICS \\\/ OT Security News Digest \u2013 March 31st\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"zh-HK\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/d14d2d3cd77ffdb618b9f1330fe084db\",\"name\":\"version2hk\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"caption\":\"version2hk\"},\"sameAs\":[\"http:\\\/\\\/version2xfortcom.wordpress.com\"],\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/author\\\/version2hk\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Your Weekly ICS \/ OT Security News Digest \u2013 March 31st - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.scadafence.com\/your-weekly-ics-\/-ot-security-news-digest-march-31st","og_locale":"zh_HK","og_type":"article","og_title":"Your Weekly ICS \/ OT Security News Digest \u2013 March 31st - Version 2","og_description":"Our research team has put together all of the most rele […]","og_url":"https:\/\/blog.scadafence.com\/your-weekly-ics-\/-ot-security-news-digest-march-31st","og_site_name":"Version 2","article_published_time":"2022-04-05T01:21:19+00:00","article_modified_time":"2022-05-30T02:42:17+00:00","og_image":[{"url":"https:\/\/i0.wp.com\/blog.scadafence.com\/hubfs\/SCADAfence%20Ransomware%20ICS%20Newsfeed.png?w=958&ssl=1","type":"","width":"","height":""}],"author":"version2hk","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"version2hk","\u9810\u8a08\u95b1\u8b80\u6642\u9593":"7 \u5206\u9418"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.scadafence.com\/your-weekly-ics-\/-ot-security-news-digest-march-31st#article","isPartOf":{"@id":"https:\/\/version-2.com\/2022\/04\/your-weekly-ics-ot-security-news-digest-march-31st\/"},"author":{"name":"version2hk","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/d14d2d3cd77ffdb618b9f1330fe084db"},"headline":"Your Weekly ICS \/ OT Security News Digest \u2013 March 31st","datePublished":"2022-04-05T01:21:19+00:00","dateModified":"2022-05-30T02:42:17+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2022\/04\/your-weekly-ics-ot-security-news-digest-march-31st\/"},"wordCount":1053,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"image":{"@id":"https:\/\/blog.scadafence.com\/your-weekly-ics-\/-ot-security-news-digest-march-31st#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/blog.scadafence.com\/hubfs\/SCADAfence%20Ransomware%20ICS%20Newsfeed.png?w=958&ssl=1","keywords":["SCADAfence","2022"],"articleSection":["2022","SCADAfence","Press Release"],"inLanguage":"zh-HK"},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2022\/04\/your-weekly-ics-ot-security-news-digest-march-31st\/","url":"https:\/\/blog.scadafence.com\/your-weekly-ics-\/-ot-security-news-digest-march-31st","name":"Your Weekly ICS \/ OT Security News Digest \u2013 March 31st - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/blog.scadafence.com\/your-weekly-ics-\/-ot-security-news-digest-march-31st#primaryimage"},"image":{"@id":"https:\/\/blog.scadafence.com\/your-weekly-ics-\/-ot-security-news-digest-march-31st#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/blog.scadafence.com\/hubfs\/SCADAfence%20Ransomware%20ICS%20Newsfeed.png?w=958&ssl=1","datePublished":"2022-04-05T01:21:19+00:00","dateModified":"2022-05-30T02:42:17+00:00","breadcrumb":{"@id":"https:\/\/blog.scadafence.com\/your-weekly-ics-\/-ot-security-news-digest-march-31st#breadcrumb"},"inLanguage":"zh-HK","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.scadafence.com\/your-weekly-ics-\/-ot-security-news-digest-march-31st"]}]},{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/blog.scadafence.com\/your-weekly-ics-\/-ot-security-news-digest-march-31st#primaryimage","url":"https:\/\/i0.wp.com\/blog.scadafence.com\/hubfs\/SCADAfence%20Ransomware%20ICS%20Newsfeed.png?w=958&ssl=1","contentUrl":"https:\/\/i0.wp.com\/blog.scadafence.com\/hubfs\/SCADAfence%20Ransomware%20ICS%20Newsfeed.png?w=958&ssl=1"},{"@type":"BreadcrumbList","@id":"https:\/\/blog.scadafence.com\/your-weekly-ics-\/-ot-security-news-digest-march-31st#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/"},{"@type":"ListItem","position":2,"name":"Your Weekly ICS \/ OT Security News Digest \u2013 March 31st"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"zh-HK"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/d14d2d3cd77ffdb618b9f1330fe084db","name":"version2hk","image":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","caption":"version2hk"},"sameAs":["http:\/\/version2xfortcom.wordpress.com"],"url":"https:\/\/version-2.com\/zh\/author\/version2hk\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-cuM","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/48036","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/users\/143524195"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/comments?post=48036"}],"version-history":[{"count":7,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/48036\/revisions"}],"predecessor-version":[{"id":48043,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/48036\/revisions\/48043"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/media?parent=48036"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/categories?post=48036"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/tags?post=48036"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}