Security Boulevard

SEPTEMBER 30, 2022

A statement from the Ukrainian government issued earlier this week warns energy enterprises inside of Ukraine and those of allies worldwide to increase alert for potential cyberattacks related to current Russia-Ukraine war dynamics. (1) 8 ) Germany seized further energy assets tied to Russia ( 9 ) from Ukraine recapturing some territory. (

Energy and Utilities 128

Energy and Utilities DDOS Government Malware 128

Security Affairs

OCTOBER 4, 2021

ChamelGang APT is a new cyberespionage group that focuses on fuel and energy organizations and aviation industry in Russia. ChamelGang is a new APT group that was first spotted in March by researchers at security firm Positive Technologies, it targets Russian companies in the energy and aviation industry.

Energy and Utilities 123

Energy and Utilities Malware Technology Antivirus 123

Security Affairs

SEPTEMBER 21, 2020

The US FERC and NERC published a study on cyber incident response at electric utilities that also includes recovery best practices. Federal Energy Regulatory Commission (FERC) and the North American Electricity Reliability Corporation (NERC) released a study on cyber incident response and recovery best practices for electric utilities.

Energy and Utilities 121

Energy and Utilities Advertising Cyber Attacks Hacking 121

Krebs on Security

AUGUST 22, 2019

This type of point-of-sale malware is capable of copying data stored on a credit or debit card’s magnetic stripe when those cards are swiped at compromised payment terminals. But typically, such breaches occur when cybercriminals manage to remotely install malicious software on a retailer’s card-processing systems.

Energy and Utilities 278

Energy and Utilities Retail Data breaches Marketing 278

The Hacker News

JULY 5, 2023

A sophisticated stealer-as-a-ransomware threat dubbed RedEnergy has been spotted in the wild targeting energy utilities, oil, gas, telecom, and machinery sectors in Brazil and the Philippines through their LinkedIn pages.

Energy and Utilities 99

Energy and Utilities Ransomware Malware 99

Security Affairs

DECEMBER 6, 2021

A ransomware attack hit an electric utility in Colorado causing a significant disruption and damage. The Delta-Montrose Electric Association (DMEA) is a local electric cooperative located in Colorado, it is part of Touchstone Energy Cooperatives. SecurityAffairs – hacking, Colorado Electric Utility). Pierluigi Paganini.

Energy and Utilities 110

Energy and Utilities Cyber Attacks Ransomware Data breaches 110

SecureList

NOVEMBER 29, 2024

The malware utilizes cloud resources for its C2 (command and control) servers, which it accesses via APIs using authentication tokens. While the modus operandi of the threat actor is reminiscent of the CloudWizard APT that we reported on in 2023, the malware code is completely different.

Energy and Utilities 101

Energy and Utilities Ransomware Malware Government 101

Security Affairs

SEPTEMBER 24, 2019

Security experts at Proofpoint observed a new wave of phishing attacks aimed at US Utilities in an attempt to deliver the LookBack RAT. Security experts at Proofpoint have discovered a new series of phishing attacks targeting entities US utilities in an attempt to deliver the LookBack RAT. nceess [. ] Nceess [. ]

Phishing 99

Phishing Energy and Utilities Advertising Engineering 99

SecureWorld News

JANUARY 16, 2025

To ensure energy security and economic stability, protecting the infrastructure is essential. A report from 2023 revealed that 67% of energy and utility companies faced ransomware attacks, with many incidents exploiting unpatched vulnerabilities. Incident response plans: Organizations should have tested recovery plans in place.

Energy and Utilities 109

Energy and Utilities IoT Artificial Intelligence Backups 109

CyberSecurity Insiders

JUNE 26, 2023

Numerous gas and fuel filling stations throughout Canada experienced significant disruptions in processing credit card and reward points-based payments due to a cyber attack on Suncor Energy, the parent company. NOTE- Ransomware is a form of malware that encrypts data within an infected database until a ransom is paid.

Energy and Utilities 86

Energy and Utilities Ransomware Cryptocurrency Cyber Attacks 86

The Last Watchdog

FEBRUARY 3, 2020

Samide and other experts say what’s coming next is very likely to be a series of varied attacks as combatants on all sides leverage footholds gained from ongoing intelligence gathering and malware planting. It describes malware being iterated by hackers who’ve clearly been doing this for a long while.

Energy and Utilities 330

Energy and Utilities Malware Hacking Passwords 330

CSO Magazine

JULY 12, 2021

Several programmable logic controllers (PLCs) from Schneider Electric’s Modicon series that automate industrial processes in factories, energy utilities, HVAC systems and other installations are impacted by a flaw that could allow hackers to bypass their authentication mechanism and execute malicious code.

Authentication 142

Authentication Energy and Utilities CSO Malware 142

SecureList

FEBRUARY 27, 2023

Kaspersky mobile cyberthreat detection dynamics in 2020–2022 ( download ) Cybercriminals continued to use legitimate channels to spread malware. The spread of malware through Google Play continued as well. Harly malware programs were downloaded a total of 2.6 million times from Google Play in 2022. percentage points.

Mobile 143

Mobile Malware Adware Banking 143

SecureList

DECEMBER 16, 2021

In June 2021, Kaspersky ICS CERT experts identified malware whose loader has some similarities to the Manuscrypt malware, which is part of the Lazarus APT group’s arsenal. We dubbed the newly-identified malware PseudoManuscrypt. In 2020, the group used Manuscrypt in attacks on defense enterprises in different countries.

Spyware 135

Spyware Energy and Utilities Malware VPN 135

Hacker Combat

AUGUST 6, 2021

The disclosure cantered on the Mail-O malware when the attackers attempted to access Russian federal officials’ emails. Then, SentinelOne thought it was related to a malware variant called manager or PhantomNet created by TA428. Group-IB performed an in-depth analysis of the malware families used by the attackers.

Government 111

Government Malware Energy and Utilities Cyber Attacks 111

Joseph Steinberg

MAY 12, 2021

In late 2016, hackers, perhaps acting on behalf of the Russian government, utilized multiple pieces of malware to both knock out power to large segments of Ukraine and to simultaneously disable the phone communications capabilities of the impacted power providers, thereby complicating recovery efforts.

Energy and Utilities 219

Energy and Utilities Ransomware Artificial Intelligence Cyber Attacks 219

The Last Watchdog

OCTOBER 25, 2021

There are several methods of active defense that companies can utilize to safeguard their networks, and it’s time for CISOs to start picking. Attackers use tools and features that are already available in the systems they’re targeting so they look like legitimate users — until they steal your crown jewels. But you can fight back.

Energy and Utilities 214

Energy and Utilities Cyber Attacks Mobile CISO 214

CSO Magazine

NOVEMBER 30, 2022

Believed to have launched in December 2021, Ransom Cartel has made victims of organizations from among the education, manufacturing, utilities, and energy sectors with aggressive malware and tactics that resemble those used by REvil. To read this article in full, please click here

Energy and Utilities 96

Energy and Utilities Ransomware Manufacturing Education 96

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. The conspirators designed the Triton malware to prevent the refinery’s safety systems from functioning (i.e., ” continues the DoJ.

Government 115

Government Energy and Utilities Malware Hacking 115

Krebs on Security

DECEMBER 12, 2018

But in a marketing email sent to FICO members on Tuesday advertising its new benchmarking feature, FICO accidentally exposed the FICO Cyber Risk Score of energy giant ExxonMobil. The October analysis by the Chamber and FICO gives U.S. businesses an overall score of 687 on a scale of 300-850. ARE YOU EXPERIANSED?

Cyber Risk 247

Cyber Risk Energy and Utilities Risk Marketing 247

CyberSecurity Insiders

SEPTEMBER 29, 2021

Division D: Energy: Title 1: Subtitle B: Cybersecurity.

Energy and Utilities 108

Energy and Utilities Cybersecurity Technology Architecture 108

SecureList

APRIL 27, 2023

Further analysis revealed that the malware is signed with valid certificates and appears to have a connection to the threat actor Winnti, a connection established through several overlaps such as shared infrastructure, code signing and victimology. The threat actor utilized embedded Proton Mail and Gmail addresses for data exfiltration.

Energy and Utilities 145

Energy and Utilities Malware Government Manufacturing 145

Security Affairs

DECEMBER 16, 2021

The name PseudoManuscrypt comes from the similarities with the Manuscrypt malware used by the North Korea-linked Lazarus APT group in attacks aimed at the defense industry. The PseudoManuscrypt loader is delivered via a Malware-as-a-Service (MaaS) platform that distributes the malicious code in pirated software installer archives.

Spyware 138

Spyware Energy and Utilities Malware Engineering 138

Security Affairs

MAY 19, 2020

Real-Life Examples of Spear-Phishing Attacks in the Energy Production Sector. The threat of spear-phishing for energy companies is, unfortunately, not a theoretical one. Downloading them infected a user’s system with a type of trojan spyware not previously seen in other utilities industry cyberattacks. Not a New Concern.

Energy and Utilities 122

Energy and Utilities Phishing Advertising Technology 122

Security Affairs

SEPTEMBER 6, 2018

Schneider Electric announced that some of the USB drives it has shipped with its Conext ComBox and Conext Battery Monitor products were infected with malware. Both products are part of the solar energy offering of the vendor. These USB removable media contain user documentation and non-essential software utilities.

Malware 80

Malware Energy and Utilities Manufacturing Media 80

Security Affairs

DECEMBER 17, 2021

Conti operators run a private Ransomware-as-a-Service (RaaS), the malware appeared in the threat landscape at the end of December 2019 and was distributed through TrickBot infections. Recently the Conti gang hit the attack on the Australian energy CS Energy and threaten to leak the stolen files. ” continues AdvIntel.

Ransomware 137

Ransomware Energy and Utilities Cybercrime Malware 137

Security Affairs

JULY 5, 2023

RedEnergy is a sophisticated stealer-as-a-ransomware that was employed in attacks targeting energy utilities, oil, gas, telecom, and machinery sectors. Zscaler ThreatLabz researchers discovered a new Stealer-as-a-Ransomware named RedEnergy used in attacks against energy utilities, oil, gas, telecom, and machinery sectors.

Energy and Utilities 98

Energy and Utilities Ransomware Backups Malware 98

The Last Watchdog

MARCH 4, 2019

In fact, memory attacks have quietly emerged as a powerful and versatile new class of hacking technique that threat actors in the vanguard are utilizing to subvert conventional IT security systems. Allegedly developed by US and Israeli operatives, Stuxnet was discovered circulating through Iranian nuclear energy facilities in 2010.

Hacking 212

Hacking Energy and Utilities System Administration Accountability 212

Security Affairs

AUGUST 31, 2022

Ransomware is a type of malware that locks computers and blocks access to files in lieu of a payment. The Italian energy sector appears to be under attack, over the weekend, Italy’s energy agency Gestore dei Servizi Energetici SpA was hit by a cyber attack. It’s not clear who was responsible for the breach.

Energy and Utilities 107

Energy and Utilities Ransomware Cyber Attacks Hacking 107

Security Affairs

NOVEMBER 29, 2020

. “During this past year, dozens of digitally signed variants of this once commodity malware started to reappear in the threat landscape, reigniting interest in this old malware family.” Experts observed several samples of the malware that were digitally signed with valid certificates issued by Certum.

Energy and Utilities 136

Energy and Utilities Malware Government Healthcare 136

SecureList

OCTOBER 18, 2024

The group under review has a toolkit that includes utilities such as Mimikatz, XenAllPasswordPro, PingCastle, Localtonet, resocks, AnyDesk, PsExec, and others. To maintain access to the system, the attackers used the NSSM and Localtonet utilities. First, they obtained the NTDS.dit dump with the Ntdsutil utility. and Babuk.

Energy and Utilities 125

Energy and Utilities VPN Encryption Ransomware 125

Security Affairs

JANUARY 28, 2020

Snake Ransomware was first detected by researchers from MalwareHunterTeam last week and analyzed it with the support of the popular malware analysts Vitali Kremez. Then the malware encrypts the files on the system, skipping Windows system files and folders. “Using an already “proven” malware (i.e. ” concludes OTORIO.

Ransomware 127

Ransomware Energy and Utilities Manufacturing Malware 127

Cisco Security

NOVEMBER 9, 2021

Interest in industrial control systems (ICS) security has shot up in response to cyberattacks on organizations like the city of Oldsmar’s water utility , Honda , Merck , Maersk , and Johannesburg’s electric utility. Manufacturers, energy and water utilities, mines, ports, railways, roadways, and more.

Energy and Utilities 145

Energy and Utilities Architecture Manufacturing IoT 145

Security Affairs

MAY 9, 2020

30), we have observed three SilverTerrier actors/groups launch a series of 10 COVID-19 themed malware campaigns.” ” Between January 30 and April 30, 2020, the researchers observed three SilverTerrier groups launching ten COVID-19-themed malware campaigns, some of them also targeted organizations involved in the COVID-19 response.

Healthcare 100

Healthcare Government Energy and Utilities Insurance 100

Security Affairs

DECEMBER 26, 2023

2️ Cyber Attacks Against Energy (Oil & Gas) and Nuclear Sectors Critical infrastructure across all domains continues to remain a focal point for cyber-attacks, orchestrated by both cybercriminal elements and nation-state actors.

Cyber threats 137

Cyber threats Energy and Utilities Artificial Intelligence Cyber Attacks 137

Security Affairs

FEBRUARY 19, 2024

Since January 2020, affiliates utilizing LockBit have targeted organizations of diverse sizes spanning critical infrastructure sectors such as financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing, and transportation. on January 5, 2020.

Energy and Utilities 134

Energy and Utilities Ransomware Financial Services Manufacturing 134

Security Affairs

FEBRUARY 28, 2024

. “As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” The court order allowed authorities to use the Moobot malware to copy and delete stolen and malicious data and files from compromised routers.

Energy and Utilities 132

Energy and Utilities Government Firewall Malware 132