Hackers breach energy organisations via bugs in discontinued web server

On 22 November 2022, Microsoft announced that security flaws affecting an abandoned web server in 2005 had been used to target and compromise organisations in the energy sector. Indeed, several state-sponsored APTs of possible Chinese origin are believed to have targeted several Indian power grid operators, compromising Indian power distribution systems. The attackers allegedly gained access to the internal networks of the hacked entities via cameras exposed to the Internet on their networks as command and control servers. According to Microsoft, the attackers exploited a vulnerable component of the Boa web server, a software solution discontinued since 2015 that is still used by IoT devices.  

Read more about it : here