Accountability, Energy and Utilities and Technology

Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit Cards

Krebs on Security

AUGUST 22, 2019

million new accounts belonging to cardholders from 35 U.S. Hy-Vee said it believes the breach does not affect payment card terminals used at its grocery store checkout lanes, pharmacies or convenience stores, as these systems rely on a security technology designed to defeat card-skimming malware.

Energy and Utilities

Energy and Utilities Retail Data breaches Marketing

GUEST ESSAY: Four essential strategies to bolster cyber resilience in critical infrastructure

The Last Watchdog

MARCH 10, 2025

While any business is a potential target for hackers, critical infrastructure organizations including defense, healthcare, energy, utilities, and financial services companies are perhaps most at risk due to their financial resources. Department of Defense, to global tech giants, to utilities, banks and other vital services.

Energy and Utilities

Energy and Utilities Cyber threats Financial Services Government

FERC, NERC joint report on cyber incident response at electric utilities

Security Affairs

SEPTEMBER 21, 2020

The US FERC and NERC published a study on cyber incident response at electric utilities that also includes recovery best practices. Federal Energy Regulatory Commission (FERC) and the North American Electricity Reliability Corporation (NERC) released a study on cyber incident response and recovery best practices for electric utilities.

Energy and Utilities

Energy and Utilities Advertising Cyber Attacks Hacking

Actions Target Russian Govt. Botnet, Hydra Dark Market

Krebs on Security

APRIL 7, 2022

Federal Bureau of Investigation (FBI) says it has disrupted a giant botnet built and operated by a Russian government intelligence unit known for launching destructive cyberattacks against energy infrastructure in the United States and Ukraine. energy facilities. Separately, law enforcement agencies in the U.S. Dragonfly 2.0,

Marketing

Marketing Energy and Utilities Malware Ransomware

Ukraine-Russia Conflict: Ukraine Alerts Energy Enterprises to Possible Cyberattack Escalation

Security Boulevard

SEPTEMBER 30, 2022

A statement from the Ukrainian government issued earlier this week warns energy enterprises inside of Ukraine and those of allies worldwide to increase alert for potential cyberattacks related to current Russia-Ukraine war dynamics. (1) 8 ) Germany seized further energy assets tied to Russia ( 9 ) from Ukraine recapturing some territory. (

Energy and Utilities

Energy and Utilities DDOS Government Malware

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

Meanwhile, the hackers responsible are communicating directly with members through the InfraGard portal online — using a new account under the assumed identity of a financial industry CEO that was vetted by the FBI itself. technology firm, confirmed receipt of USDoD’s message but asked to remain anonymous for this story.

Hacking

Hacking Energy and Utilities Cybercrime Accountability

CISA JCDC Will Focus on Energy Sector

Security Affairs

APRIL 5, 2023

JCDC will map systemic risk and response by accounting for the following: Understanding inherent risks posed by open-source software used for industrial controls Reduce supply chain risk in critical infrastructure by employing remote monitoring, managed service, and managed security providers.

Energy and Utilities

Energy and Utilities Cyber threats Risk Cyber Risk

Data Encryption Shields the Energy Sector Against Emerging Threats

Thales Cloud Protection & Licensing

JANUARY 13, 2021

Data Encryption Shields the Energy Sector Against Emerging Threats. The energy sector is part of the critical national infrastructure (CNI), and delivers services that are essential for modern life. Energy services companies are a lucrative target for adversaries. Wed, 01/13/2021 - 09:42. Cybersecurity challenges. A recent U.S.

Encryption

Encryption Energy and Utilities Firewall Marketing

GUEST ESSAY: Taking proactive steps to heal the planet — by reducing the impact of video streaming

The Last Watchdog

DECEMBER 3, 2023

It is in this context that it is important to focus on the details of video technology. Encoders, for instance, consume significantly more energy than decoders – sometimes as much as 5 to 10 times as much energy, in comparison. In the past, there was an asynchronous relationship between these two categories of technology.

Energy and Utilities

Energy and Utilities Manufacturing Technology Marketing

A massive phishing campaign using QR codes targets the energy sector

Security Affairs

AUGUST 16, 2023

A phishing campaign employing QR codes targeted a leading energy company in the US, cybersecurity firm Cofense reported. “Beginning in May 2023, Cofense has observed a large phishing campaign utilizing QR codes targeting the Microsoft credentials of users from a wide array of industries.” com (Cloudflare’s Web3 services).

Phishing

Phishing Energy and Utilities Insurance Manufacturing

MY TAKE: The role of semiconductors in bringing the ‘Internet of Everything’ into full fruition

The Last Watchdog

DECEMBER 11, 2022

I recently visited with Thomas Rosteck, Division President of Connected Secure Systems (CSS) at Infineon Technologies , a global semiconductor manufacturer based in Neubiberg, Germany. Energy at the edges. How microcontrollers distribute energy is a very big deal. The result: energy conservation would advance significantly.

Internet

Internet Internet Energy and Utilities IoT

Is the Grid Secure Enough for the Electric Vehicle Influx?

IT Security Guru

NOVEMBER 14, 2022

According to a forecast by the International Energy Agency (IEA), electric car sales are expected to reach an all-time high in 2022. The primary technology to decarbonize the road transport sector, which accounts for 16% of world emissions , is electric automobiles. million EVs in the United States utilizes less than 0.5

Energy and Utilities

Energy and Utilities Accountability Advertising Risk

How Will $1.9 Billion for Cybersecurity Protect American Infrastructure?

CyberSecurity Insiders

SEPTEMBER 29, 2021

Division D: Energy: Title 1: Subtitle B: Cybersecurity.

Energy and Utilities

Energy and Utilities Cybersecurity Technology Architecture

News alert: Beazley reports on how AI, new tech distract businesses as cyber risk intensifies

The Last Watchdog

JULY 13, 2023

London, July 13, 2023 — Beazley, the leading specialist insurer, today published its latest Risk & Resilience report: Spotlight on: Cyber & Technology Risks 2023. The economic impact of cybercrime on business across the globe continues to reach new levels, with the cost predicted to reach US$10.5

Cyber Risk

Cyber Risk Risk Insurance Energy and Utilities

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

Cisco Security

AUGUST 26, 2021

With the addition of Kenna Security into our program we now have over 250 technology partners and over 400 integrations for our mutual customers to utilize. An integration with Cigent Technology is now available for Secure Endpoint customers to integrate with. Kenna has a healthy 3rd Party ecosystem of technology partners.

Technology

Technology Firewall VPN Authentication

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

The Last Watchdog

MARCH 4, 2019

In fact, memory attacks have quietly emerged as a powerful and versatile new class of hacking technique that threat actors in the vanguard are utilizing to subvert conventional IT security systems. Virsec is a leading innovator of memory protection technologies. Privilege account credentials are widely available for sale.

Hacking

Hacking Energy and Utilities System Administration Accountability

How AI Could Write Our Laws

Schneier on Security

MARCH 14, 2023

Big energy companies expect action whenever there is a move to end drilling leases for federal lands, in exchange for the tens of millions they contribute to congressional reelection campaigns. It turns out there is a natural opening for this technology: microlegislation. In some cases, the objective of that money is obvious.

Energy and Utilities

Energy and Utilities Artificial Intelligence Technology Government

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Energy and Utilities

Energy and Utilities VPN Manufacturing Firewall

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Energy and Utilities

Energy and Utilities Telecommunications Technology Government

North American Utilities Expand Digital Transformations to Address Vulnerabilities Exposed by COVID-19 Pandemic

CyberSecurity Insiders

JULY 8, 2021

The 2021 ISG Provider Lens Utilities Industry – Services and Solutions report for North America finds lockdowns and social-distancing requirements revealed new vulnerabilities in an industry that traditionally has focused on the risks of weather and natural disasters, the report says.

Digital transformation

Digital transformation Energy and Utilities Marketing Technology

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

. “As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” APT28 group deployed Python scripts on compromised EdgeRouters to collect and validate stolen webmail account credentials.

Energy and Utilities

Energy and Utilities Government Firewall Malware

MY TAKE: Why consumers are destined to play a big role in securing the Internet of Things

The Last Watchdog

MARCH 13, 2019

This will be led by the manufacturing, consumer, transportation and utilities sectors. One recent study demonstrated how, by analyzing readings from a smart home, such as energy consumption, carbon monoxide and carbon dioxide levels, and humidity changes, it was possible to triangulate what someone had for dinner. Likewise, the U.S.

Internet

Internet Internet IoT Energy and Utilities

No Industry Immune to Hacks and Breaches

SecureWorld News

OCTOBER 26, 2023

And as the use of technology continues to increase across all aspects of shipping–from ship networks to offshore installations and shoreside control centres–so does the potential for cybersecurity breaches,' reported Heavylift PFI, quoting Tom Walters, partner at the Hollman Fenwick Willan law firm." A Notice of Privacy Incident issued Oct.

Hacking

Hacking Energy and Utilities Identity Theft Healthcare

The Scammers’ Playbook: How Cybercriminals Get Ahold of Your Data

eSecurity Planet

SEPTEMBER 14, 2022

To this end, some impressive technology has been created to combat the technological side of the issue, to keep hackers and similar bad actors from accessing data and account privileges they shouldn’t. However, the technological side of cybersecurity is no longer the weakest link in a company’s proverbial chain.

Social Engineering

Social Engineering Energy and Utilities Phishing Internet

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

Security Affairs

APRIL 2, 2023

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). ” reads the report published by Mandiant. ” concludes the report.

Energy and Utilities

Energy and Utilities Media Hacking Technology

The mobile malware threat landscape in 2022

SecureList

FEBRUARY 27, 2023

Figures of the year In 2022, Kaspersky mobile products and technology detected: 1,661,743 malicious installers 196,476 new mobile banking Trojans 10,543 new mobile ransomware Trojans Trends of the year Mobile attacks leveled off after decreasing in the second half of 2021 and remained around the same level throughout 2022.

Mobile

Mobile Malware Adware Banking

Tracking the Trackers: For Better or Worse

SecureWorld News

NOVEMBER 27, 2023

Users could log into their account any time to see real time positioning of their tracker. An inexpensive phone could be purchased and left in someone’s bag or car for several days while an app communicates with the user’s account to notify them whenever the phone is on the move. Not so fast.

Wireless

Wireless Energy and Utilities Technology Data privacy

The State of Blockchain Applications in Cybersecurity

eSecurity Planet

JULY 28, 2021

Whether perceived or real, a lack of understanding about blockchain technology has slowed the adoption of advanced distributed database technology in the past decade. We’ll look at what blockchain technology is, how its development relates to cybersecurity, and the state of blockchain-based security solutions.

Cybersecurity

Cybersecurity Cryptocurrency Technology Energy and Utilities

Questions AI Committees Need to Be Asking, But Aren’t

Digital Shadows

NOVEMBER 27, 2024

But in the flood of AI technologies, it’s difficult to know which tools deliver on their promises and which ones are just hype. Committees should also ask how the model authenticates user permissions—is it using an administrative account or acting on behalf of the user?

Energy and Utilities

Energy and Utilities Marketing Manufacturing Engineering

Adoption of Secure Cloud Services in Critical Infrastructure

CyberSecurity Insiders

OCTOBER 28, 2022

Risk assessments including understanding of threat vectors due to introduction of new technologies is not typically or adequately addressed. Cloud services are adopted to meet specific requirements such as a third-party assessment tool, GRC tool, tools for corporate segmentation etc. Using Purdue model for segmentation as a gold standard.

IoT

IoT Architecture Energy and Utilities Firewall

Industrial Switches from different Vendors Impaired by Similar Exposures

Hacker Combat

JUNE 3, 2021

Industrial switches are made using universal firmware developed by Korenix Technology, a leading provider for industrial networking solutions based in Taiwan. These vulnerabilities include: Backdoor account. Energy and power. SEC Consult , a cyber-security consultancy based in Austria, was the first to discover these exposures.

Firmware

Firmware Energy and Utilities Cyber Attacks Surveillance

Report: Increased IIoT Connectivity Leading to Greater Security Risk in Power Grid

SecureWorld News

MARCH 23, 2021

electrical grid provides the country the power to enjoy all the luxuries of modern life and technology. Government Accountability Office (GAO) has released a report, Electricity Grid Cybersecurity , detailing concerns with the cybersecurity of the grid in the U.S. including the electricity grid.

Energy and Utilities

Energy and Utilities Risk Internet Internet

Cybersecurity Risks of 5G – And How to Control Them

eSecurity Planet

SEPTEMBER 1, 2021

5G technology will improve some IoT use cases, thereby adding to the proliferation of IoT devices – a phenomena individuals and organizations aren’t prepared to fully defend in the immediate future. Untrusted proprietary technologies that fail to meet these standards pose lingering threats to their clients and inefficiencies.

Risk

Risk Cybersecurity IoT Wireless

IT threat evolution Q3 2021

SecureList

NOVEMBER 26, 2021

We have seen targeted attacks exploiting the vulnerability to target companies in research and development, the energy sector and other major industries, banking, the medical technology sector, as well as telecoms and IT. That library was then loaded by the legitimate MsMpEng.exe by utilizing the DLL side-loading technique.

Malware

Malware Banking Energy and Utilities Accountability

IT threat evolution in Q2 2022. Mobile statistics

SecureList

AUGUST 15, 2022

For instance, J-Lightning Application purported to help users to invest into a Polish oil refinery, a Russian energy company, a Chinese cryptocurrency exchange and an American investment fund. accounted for 89.95% of attacks on Spanish users. These are fraudulent apps that offer users to fill out fake welfare applications. 96,55%).

Mobile

Mobile Adware Banking Malware

Forescout Platform: NAC Product Review

eSecurity Planet

APRIL 7, 2023

Medical Technologies (Ultrasound machines, heart monitors, etc.) The Forescout Platform’s ability to work across a wide variety of technologies enables large sprawling enterprises to use a single solution to manage and control network access world wide. Virtual and cloud instances (containers, servers, routers, etc.)

IoT

IoT Technology Energy and Utilities Wireless

The Essential Guide to Horizon Scanning in Compliance and Regulatory Frameworks

Centraleyes

FEBRUARY 23, 2025

In fact, horizon scanning has been used for years in fields like healthcare, technology, and public policy to anticipate challenges before they become problems. Instead of just reacting to whats in your face, youre scanning the distance for troublewhether its new laws, disruptive technologies, or shifts in public expectations.

Energy and Utilities

Energy and Utilities Data privacy Risk Healthcare

Best Strategies to Reduce Generative AI Risk

Centraleyes

JULY 15, 2024

Generative AI stands as one of the most transformative technologies of our era. The rise of generative AI brings forth notable risks that need careful management to ensure the technology benefits society without causing undue harm. At the same time, it enabled users of this new technology to reap it benefits.

Risk

Risk Energy and Utilities Technology Government

Importance of Securing Software with a Zero Trust Mindset

Security Boulevard

MARCH 22, 2022

With the increase of supply chain attacks on everything from logging software like Log4J to takeovers of important JavaScript packages to compromises of network utility tools like SolarWinds, more and more organizations are recognizing the need to adopt a Zero Trust mindset. The inventory should also include service and admin accounts.

Software

Software Architecture Energy and Utilities Risk

Threats to ICS and industrial enterprises in 2022

SecureList

NOVEMBER 23, 2021

For example, a popular tactic in spyware attacks is now to send phishing e-mails from compromised corporate mail accounts of a partner organization of the intended victim. And sometimes attackers manage to refrain from using not only any malicious, but also suspicious and untrusted infrastructure.

Spyware

Spyware Phishing Cybercrime Energy and Utilities

Hackers Tap into Oldsmar Water Facility

Security Boulevard

FEBRUARY 11, 2021

Because back in July 2020, the NSA and CISA warned of the perfect storm facing critical operations reliant upon operational technology (otherwise known as OT). It’s most likely that account credentials were simply compromised and were unprotected by an effective MFA capability, token-based or otherwise. Yes, that’s it.

Energy and Utilities

Energy and Utilities CISO Risk Penetration Testing

Top Ransomware Attacks in the Cloud in 2018

Spinone

MARCH 10, 2019

Data is driving business for most organizations who utilize technology to carry out normal business operations. Unlike only a decade or so ago, the number of businesses who don’t utilize technology for some type of business-critical operation is few and far between. The stakes today are higher than ever before.

Ransomware

Ransomware Backups Energy and Utilities Encryption

Navy Insider Threat Bust: Encryption, Social Engineering, and Crypto

SecureWorld News

OCTOBER 12, 2021

Could your organization have an insider threat attempting to utilize these same methods and technologies? At the time of his arrest on October 9, 2021, he held two active Top Secret security clearances: one through the Department of Defense and another through the United States Department of Energy (DOE). military relies on.

Social Engineering

Social Engineering Engineering Encryption Cryptocurrency

Application Security Assessment: Protect from Threats in the G Suite Marketplace

Spinone

AUGUST 25, 2020

There are tools ranging from apps for accounting & finance, administration, ERP & logistics, HR & legal, creative tools, web development, office applications, etc. Computers are much better at repetitive tasks that require monotonous activities such as crunching numbers and examining data than humans.

Energy and Utilities

Energy and Utilities Risk Accountability Technology

Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit Cards

GUEST ESSAY: Four essential strategies to bolster cyber resilience in critical infrastructure

Trending Sources

FERC, NERC joint report on cyber incident response at electric utilities

Actions Target Russian Govt. Botnet, Hydra Dark Market

Ukraine-Russia Conflict: Ukraine Alerts Energy Enterprises to Possible Cyberattack Escalation

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

CISA JCDC Will Focus on Energy Sector

Data Encryption Shields the Energy Sector Against Emerging Threats

GUEST ESSAY: Taking proactive steps to heal the planet — by reducing the impact of video streaming

A massive phishing campaign using QR codes targets the energy sector

MY TAKE: The role of semiconductors in bringing the ‘Internet of Everything’ into full fruition

Is the Grid Secure Enough for the Electric Vehicle Influx?

How Will $1.9 Billion for Cybersecurity Protect American Infrastructure?

News alert: Beazley reports on how AI, new tech distract businesses as cyber risk intensifies

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

How AI Could Write Our Laws

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

FBI chief says China is preparing to attack US critical infrastructure

North American Utilities Expand Digital Transformations to Address Vulnerabilities Exposed by COVID-19 Pandemic

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

MY TAKE: Why consumers are destined to play a big role in securing the Internet of Things

No Industry Immune to Hacks and Breaches

The Scammers’ Playbook: How Cybercriminals Get Ahold of Your Data

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

The mobile malware threat landscape in 2022

Tracking the Trackers: For Better or Worse

The State of Blockchain Applications in Cybersecurity

Questions AI Committees Need to Be Asking, But Aren’t

Adoption of Secure Cloud Services in Critical Infrastructure

Industrial Switches from different Vendors Impaired by Similar Exposures

Report: Increased IIoT Connectivity Leading to Greater Security Risk in Power Grid

Cybersecurity Risks of 5G – And How to Control Them

IT threat evolution Q3 2021

IT threat evolution in Q2 2022. Mobile statistics

Forescout Platform: NAC Product Review

The Essential Guide to Horizon Scanning in Compliance and Regulatory Frameworks

Best Strategies to Reduce Generative AI Risk

Importance of Securing Software with a Zero Trust Mindset

Threats to ICS and industrial enterprises in 2022

Hackers Tap into Oldsmar Water Facility

Top Ransomware Attacks in the Cloud in 2018

Navy Insider Threat Bust: Encryption, Social Engineering, and Crypto

Application Security Assessment: Protect from Threats in the G Suite Marketplace

Stay Connected