International Cyber Expo International Cyber Expo
  • About Us
Friday, 17 July, 2026
IT Security Guru
International Cyber Expo
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Pro-Russian hacking group snared by Forescout Vedere Labs honeypot

The group logged into the Human Machine Interface (HMI) for defacement, process disruption, manipulation and evasion

by Guru Writer
October 9, 2025
in Cyber Crime, Featured, Hacking, Industrial Internet of Things
Salt Security Announces Industry First Solution to Secure API Actions Taken by AI Agents
Share on FacebookShare on Twitter

Forescout Vedere Labs published a report exposing how a pro-Russian hacktivist group was duped into thinking they had hacked a European water facility, unaware their target was in fact a carefully crafted honeypot.

 

This “hack” provided Forescout researchers the rare opportunity to see first-hand how these groups look for and exploit weaknesses in critical infrastructure. Attackers were able to break in with default credentials, deface the human-machine interface and tamper with PLC settings. The group, that went by TwoNet at the time, even tried to pass it off as a real-world breach by bragging about it on their telegram channel.

 

It’s yet another reminder to critical service providers that threat actors are actively targeting our most vulnerable services, with a honeypot last year designed to look like a healthcare clinic attracting cybercrimnals who attempted to deploy ransomware.

 

Forescout Vedere Labs offered the following mitigation advice:

  • Eliminate weak authentication
  • Remove direct internet exposure
  • Segment rigorously
  • Harden admin interfaces
  • Require authentication on all IoT/OT admin interfaces:
    • Include web UIs and proprietary engineering ports
    • Disable anonymous/default accounts and enforce strong, unique credentials
  • Monitor with IoT/OT-aware, deep packet inspection (DPI)
  • DPI should have protocol-aware detection (Modbus, S7, etc.) that creates alerts for: exploitation, password guessing, unauthorized writes, and changes in human machine interfaces (HMI).
  • Watch for outbound and “dual use”

 

To read the full account – read the team’s blog here.

 

ShareTweet
Previous Post

New research from VerifyLabs.AI highlights the nation’s fears when it comes to deepfakes

Next Post

How Important are Accessible Website Designs in 2025?

Recent News

AI Appreciation Day: Security Leaders Say the Celebration Needs an Asterisk

AI Appreciation Day: Security Leaders Say the Celebration Needs an Asterisk

July 16, 2026
Q&A: Businesses Are Running Out of Time to Prepare for the Quantum Threat, Warns Moona Ederveen-Schneider

Q&A: Businesses Are Running Out of Time to Prepare for the Quantum Threat, Warns Moona Ederveen-Schneider

July 15, 2026
Proton Launches Business Continuity Service to Keep Firms Communicating Through Outages

Proton Launches Business Continuity Service to Keep Firms Communicating Through Outages

July 15, 2026
Forescout Uncovers AI Assisted Phishing Campaign Using Fake eCards

Forescout Uncovers AI Assisted Phishing Campaign Using Fake eCards

July 14, 2026

Eskenzi PR banner ad

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol

  • About Us
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol