Security Affairs

JULY 5, 2023

RedEnergy is a sophisticated stealer-as-a-ransomware that was employed in attacks targeting energy utilities, oil, gas, telecom, and machinery sectors. Zscaler ThreatLabz researchers discovered a new Stealer-as-a-Ransomware named RedEnergy used in attacks against energy utilities, oil, gas, telecom, and machinery sectors.

Energy and Utilities 98

Energy and Utilities Ransomware Backups Malware 98

SecureList

APRIL 27, 2023

Further analysis revealed that the malware is signed with valid certificates and appears to have a connection to the threat actor Winnti, a connection established through several overlaps such as shared infrastructure, code signing and victimology. The threat actor utilized embedded Proton Mail and Gmail addresses for data exfiltration.

Energy and Utilities 145

Energy and Utilities Malware Government Manufacturing 145

Security Affairs

JULY 25, 2019

South African electric utility City Power that provides energy to the city of Johannesburg, has suffered serious disruptions after a ransomware attack. The energy utility informed its customers via Twitter of the ransomware attack that encrypted its network, including all its databases and applications.

Energy and Utilities 105

Energy and Utilities Ransomware Advertising Encryption 105

SecureList

MAY 25, 2021

Several versions were released as part of each “rebranded” variant that altered different aspects of the code, renamed file extensions, cryptographic schemes and encryption keys. We will describe some notable variants of the JSWorm family encountered during the history of this malware. Encryption flaws.

Ransomware 139

Ransomware Encryption Malware Energy and Utilities 139

CyberSecurity Insiders

OCTOBER 14, 2021

As per the Prima facie available with Cybersecurity Insiders, the impact of the malware incident could only be limited to systems operating in America with no other regions affected. Note 1- This is not the first time that the IT Infrastructure of Olympus have been targeted by a file encrypting malware attacks.

Ransomware 94

Ransomware Energy and Utilities Manufacturing Cyber Attacks 94

Security Affairs

NOVEMBER 29, 2020

. “During this past year, dozens of digitally signed variants of this once commodity malware started to reappear in the threat landscape, reigniting interest in this old malware family.” Experts observed several samples of the malware that were digitally signed with valid certificates issued by Certum.

Energy and Utilities 136

Energy and Utilities Malware Government Healthcare 136

Thales Cloud Protection & Licensing

NOVEMBER 6, 2019

That pace is unlikely to slow down over the coming years; Pagely noted that organizations are still turning to IoT devices as a way to automate and optimize their business processes as well as save on energy costs. Organizations can accomplish this task by using a sophisticated security platform to encrypt data handled by IoT devices.

IoT 122

IoT Risk Energy and Utilities Healthcare 122

Security Affairs

FEBRUARY 28, 2024

. “As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” The court order allowed authorities to use the Moobot malware to copy and delete stolen and malicious data and files from compromised routers.

Energy and Utilities 131

Energy and Utilities Government Firewall Malware 131

The Last Watchdog

MARCH 13, 2019

This will be led by the manufacturing, consumer, transportation and utilities sectors. The bar has been lowered for anyone with malicious intent to deploy a Mirai-variant botnet designed to cryptomine, launch denial of service attacks or function as malware distribution proxies. more than the $646 billion spent in 2018.

Internet 189

Internet Internet IoT Energy and Utilities 189

SecureList

MARCH 13, 2025

Additionally, Head Mare attacks utilized command-and-control (C2) servers exclusively linked to Twelve prior to these incidents. Anti-detection techniques Head Mare continued to use the Masquerading technique (T1655), naming utility executables like standard operating system files. doc" --include "*.docx" pdf" --include "*.xls"

Energy and Utilities 79

Energy and Utilities Software Accountability Phishing 79

Security Affairs

SEPTEMBER 9, 2020

K-Electric (KE) (formerly known as Karachi Electric Supply Company / Karachi Electric Supply Corporation Limited) is a Pakistani investor-owned utility managing all three key stages – generation, transmission and distribution – of producing and delivering energy to consumers. million customers and around 10,000 people.

Ransomware 144

Ransomware Energy and Utilities VPN Advertising 144

Security Affairs

JUNE 6, 2024

The FBI is inviting victims of LockBit ransomware to come forward because it has obtained over 7,000 LockBit decryption keys that could allow them to recover their encrypted data for free. The NCA reached out to victims based in the UK providing support to help them recover encrypted data. on January 5, 2020.

Energy and Utilities 135

Energy and Utilities Ransomware Encryption Financial Services 135

SecureList

DECEMBER 1, 2023

DroxiDat, a lean variant of SystemBC that acts as a system profiler and simple SOCKS5-capable bot, was detected at an electric utility company. The C2 (command and control) infrastructure for the incident involved an energy-related domain, ‘powersupportplan[.]com’, com’, that resolved to an already suspicious IP host.

Malware 138

Malware Ransomware Encryption Energy and Utilities 138

CyberSecurity Insiders

FEBRUARY 1, 2022

With quantum computing looming in the not-so-distant future, the way that we think about encryption will need to evolve. Most of our current online privacy protocols utilize cryptography to maintain privacy and data integrity. However, the complex math behind creating encryption keys is no match for the power of quantum computers.

Risk 134

Risk Social Engineering Threat Detection Encryption 134

SecureList

AUGUST 10, 2023

Recently we pushed a report to our customers about an interesting and common component of the cybercrime malware set – SystemBC. Regardless, this increased utilities targeting is a real world problem with serious potential consequences, especially in areas where network outages may affect customers on a country-wide basis.

Energy and Utilities 98

Energy and Utilities Ransomware Malware Healthcare 98

Security Affairs

AUGUST 27, 2024

” This malware, designed specifically for Versa Director, currently has zero detections on VirusTotal. The malware is developed through Apache Maven, it was built on June 3, 2024, and attaches itself to the Apache Tomcat process on execution. Black Lotus Labs detected unusual traffic indicating the exploitation of several U.S.

Energy and Utilities 128

Energy and Utilities Firewall Technology Malware 128

Herjavec Group

SEPTEMBER 24, 2021

Solar BR Coca-Cola A partnership venture between The Coca-Cola Company and two other large domestic manufacturers and distributors of beer, soft drinks, juices, energy drinks and dairy products. Malware analysis of recent BlackMatter samples demonstrate the group has used the following TTPs during their attacks [6], [7] : .

Ransomware 109

Ransomware Manufacturing Encryption Energy and Utilities 109

Security Affairs

FEBRUARY 21, 2024

The NCA will reach out to victims based in the UK in the coming days and weeks, providing support to help them recover encrypted data. The NCA and its global partners have secured over 1,000 decryption keys that will allow victims of the gang to recover their files for free.

Energy and Utilities 131

Energy and Utilities Ransomware Manufacturing Financial Services 131

Thales Cloud Protection & Licensing

FEBRUARY 16, 2021

Electric grid utilities are deploying smart meters to better correspond to consumers energy demands while lowering costs. Once installed, the malware “phoned home” to a command-and-control network run by the hacking group, which enabled them to enter the network and take further action. Encryption. Internet Of Things.

IoT 96

IoT Manufacturing Energy and Utilities Data collection 96

eSecurity Planet

SEPTEMBER 14, 2022

As a matter of fact, the most-reported crime in the 2021 Internet Crime Report report was phishing , a social engineering scam wherein the victim receives a deceptive message from someone in an attempt to get the victim to reveal personal information or account credentials or to trick them into downloading malware. costing an estimated $18.88

Social Engineering 120

Social Engineering Energy and Utilities Phishing Internet 120

SecureList

NOVEMBER 26, 2021

The PyInstaller module for Windows contains a script named “Guard” Interestingly, this malware was developed for both Windows and macOS operating systems. The malware tries to spread to other hosts on the network by infecting USB drives. After this, they were tricked into downloading previously unknown malware.

Malware 135

Malware Banking Energy and Utilities Accountability 135

SC Magazine

JULY 13, 2021

It affects Modicon models M340, M580 and others, which are found in “millions” of controllers used in building services, automation, manufacturing, energy utilities and HVAC systems. The post Major authentication and encryption weaknesses discovered in Schneider Electric, outdated ICS systems appeared first on SC Media.

Authentication 61

Authentication Encryption Energy and Utilities Media 61

Security Affairs

FEBRUARY 20, 2024

The NCA will reach out to victims based in the UK in the coming days and weeks, providing support to help them recover encrypted data. The NCA and its global partners have secured over 1,000 decryption keys that will allow victims of the gang to recover their files for free. on January 5, 2020.

Energy and Utilities 131

Energy and Utilities Ransomware Manufacturing Financial Services 131

eSecurity Planet

MARCH 14, 2022

Cobalt Strike – now owned by HelpSystems – provides various packages and tools to detect outdated software, generate malware , test endpoints , or run spear phishing campaigns that maximize success rate. While that’s true, it requires time, effort, and energy. Detecting Cobalt Strike Attacks.

Energy and Utilities 131

Energy and Utilities DNS Penetration Testing Ransomware 131

Malwarebytes

JUNE 16, 2023

Whether this means that customers of the popular file transfer utility MOVEit Transfer can ask for their money back remains to be seen, but we do hope it signals the end of the game. Reportedly , two US Department of Energy (DOE) entities were also compromised. Stop malicious encryption. Detect intrusions.

Energy and Utilities 93

Energy and Utilities Ransomware Government Backups 93

SecureList

NOVEMBER 23, 2021

Reducing the life cycle of malware. To avoid detection, more and more cybercriminals are adopting the strategy of frequently upgrading malware in their chosen family. The evolution of modern MaaS platforms makes it much easier for malware operators globally to use this strategy. Threats to OT. P stands for perseverance.

Spyware 137

Spyware Phishing Cybercrime Energy and Utilities 137

SecureWorld News

APRIL 25, 2024

Due to the attack, thousands of street lamps remained illuminated throughout the day, wasting significant energy and money. Council staff were unable to remotely control or fix the lighting systems as the malware had locked them out. However, the lighting issue was just the tip of the iceberg.

Cyber Attacks 95

Cyber Attacks Energy and Utilities Cyber Risk Risk 95

Spinone

MARCH 10, 2019

There are constantly new headlines, blog posts, statistics, and other information pointing to the fact that security breaches, malware, ransomware, data leak events, phishing and other security concerns are not going away. Data is driving business for most organizations who utilize technology to carry out normal business operations.

Ransomware 53

Ransomware Backups Energy and Utilities Encryption 53

SecureList

NOVEMBER 14, 2023

The malware posed as ransomware, demanding money from the victims for “decrypting” their data. However, instead of encrypting the data, it purposefully destroyed it in the affected systems. Creating a botnet involves stealthy installation of malware on a multitude of devices without the device owners’ knowledge.

Hacking 141

Hacking Energy and Utilities Media Malware 141

SecureList

JANUARY 31, 2024

It is far easier to restore the operation of encrypted IT systems (for example, from backups) than it is to resolve even a technically simple issue affecting vehicles scattered across a wide area (for example, removing malware that prevents a truck engine from starting or cuts the power inside a ship).

Ransomware 115

Ransomware Energy and Utilities Marketing Backups 115

Cisco Security

AUGUST 26, 2021

With the addition of Kenna Security into our program we now have over 250 technology partners and over 400 integrations for our mutual customers to utilize. Data is available on a number of RF protocols including Cellular, Bluetooth, Bluetooth Low Energy, Wi-Fi, and IEEE 802.15.4. Encrypt files everywhere. Read more here.

Technology 145

Technology Firewall VPN Authentication 145

Thales Cloud Protection & Licensing

OCTOBER 23, 2023

However, simple actions like adopting multi-factor authentication (MFA) or encrypting sensitive data everywhere should be exercised throughout the year and not just during that month. The threat of attacks against Critical National Infrastructure (CNI) – energy, utilities, telecommunications, and transportation – is a top priority.

Energy and Utilities 77

Energy and Utilities Cybersecurity Ransomware Technology 77

SecureList

JUNE 20, 2022

Such ‘objects’, as referred to here, point to things such as malware and hijacked servers, which, when put together and ‘manipulated’, inform the technical attribution process. the education, energy, or fintech sectors). Some of these tools have even been created by threat actors themselves.

Energy and Utilities 103

Energy and Utilities Data collection Malware Cybersecurity 103

Security Affairs

MAY 10, 2021

From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.” Colonial Pipeline is not the first organization in the oil and energy industry targeted by the Darkside ransomware gang, in February the group the Brazilian state-owned electric utility company Copel.

Ransomware 144

Ransomware Energy and Utilities Healthcare Cybercrime 144

CyberSecurity Insiders

NOVEMBER 30, 2021

Treasury, Commerce, State, Energy, and Homeland Security departments, government agencies and the presidential administration were forced to rapidly evaluate what exactly went wrong — and how to right the sails. By Samuel Hutton, SVP North America, Glasswall. In the calm after the massive SolarWinds breach in 2020 that impacted the U.S.

Cybersecurity 125

Cybersecurity Energy and Utilities Government Technology 125

Jane Frankland

JANUARY 12, 2025

Sectors like energy, healthcare, transportation, utilities, and financial systems are increasingly at risk because they are integral to national security and daily life. AI Malware will become smarter, and capable of learning from detection attempts and adapting in real time to evade security barriers.

Cybersecurity 130

Cybersecurity CISO Insurance IoT 130