Energy and Utilities and VPN - Cyber Security Informer

Monitoring the dark web to identify threats to energy sector organizations

Security Affairs

MAY 17, 2023

Searchlight Cyber researchers warn of threat actors that are offering on the dark web access to energy sector organizations. Dark web intelligence firm Searchlight Cyber published a report that analyzes how threat actors in the dark web prepare their malicious operations against energy organizations.

Energy and Utilities

Energy and Utilities Cybercrime Data collection Hacking

China-linked APT Silk Typhoon targets IT Supply Chain

Security Affairs

MARCH 5, 2025

Silk Typhoon targets multiple sectors worldwide, including information technology (IT) services and infrastructure, remote monitoring and management (RMM) companies, managed service providers (MSPs) and affiliates, healthcare, legal services, higher education, defense, government, non-governmental organizations (NGOs), and energy.

Energy and Utilities

Energy and Utilities Passwords VPN Healthcare

Analysis of the Crypt Ghouls group: continuing the investigation into a series of attacks on Russia

SecureList

OCTOBER 18, 2024

The group under review has a toolkit that includes utilities such as Mimikatz, XenAllPasswordPro, PingCastle, Localtonet, resocks, AnyDesk, PsExec, and others. The attackers used a contractor’s login information to connect to the victim’s internal systems via a VPN. zip hxxp://localtonet.com/download/localtonet-win-64.zip

Energy and Utilities

Energy and Utilities VPN Encryption Ransomware

Cyber Threat warning issued to all internet connected UPS devices

CyberSecurity Insiders

APRIL 1, 2022

The alert was issued on a joint note by the Department of Energy and FBI and urges all critical facilities to review the security of their power back up solutions to the core. UPS Devices are emergency power backup solutions that offer electric power help in the time of emergency to hospitals, industries, data centers and utilities.

Cyber threats

Cyber threats Internet Internet Energy and Utilities

PseudoManuscrypt: a mass-scale spyware attack campaign

SecureList

DECEMBER 16, 2021

of all computers attacked by the PseudoManuscrypt malware are part of industrial control systems (ICS) used by organizations in various industries, including Engineering, Building Automation, Energy, Manufacturing, Construction, Utilities, and Water Management. According to our telemetry, at least 7.2%

Spyware

Spyware Energy and Utilities Malware VPN

Iranian Hackers Target U.S. Water Facility

SecureWorld News

DECEMBER 1, 2023

The utility's general manager, Robert J. The attack has been linked to CyberAv3ngers, an Iranian-backed group known for its focus on targeting Israeli water and energy sites. If remote access is necessary, implement a Firewall/VPN in front of the PLC to control network access to the remote PLC. We only serve 15,000 people.

Energy and Utilities

Energy and Utilities VPN Authentication Passwords

Netwalker ransomware hit K-Electric, the major Pakistani electricity provider

Security Affairs

SEPTEMBER 9, 2020

K-Electric (KE) (formerly known as Karachi Electric Supply Company / Karachi Electric Supply Corporation Limited) is a Pakistani investor-owned utility managing all three key stages – generation, transmission and distribution – of producing and delivering energy to consumers. Consider installing and using a VPN.

Ransomware

Ransomware Energy and Utilities VPN Advertising

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. Most of the impacted organizations are in the Communications, Energy, Transportation Systems, and Water and Wastewater Systems sectors.

Energy and Utilities

Energy and Utilities VPN Manufacturing Firewall

PseudoManuscrypt, a mysterious massive cyber espionage campaign

Security Affairs

DECEMBER 16, 2021

of all systems targeted by the PseudoManuscrypt malware are part of industrial control systems (ICS) used by organizations in multiple industries, including Engineering, Building Automation, Energy, Manufacturing, Construction, Utilities, and Water Management. The experts revealed that at least 7.2%

Spyware

Spyware Energy and Utilities Malware Engineering

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Energy and Utilities

Energy and Utilities Telecommunications Technology Government

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Security Affairs

SEPTEMBER 15, 2020

7 ] CVE-2019-19781 : Citrix Virtual Private Network (VPN) Appliances – CISA has observed the threat actors attempting to discover vulnerable Citrix VPN Appliances. CVE-2019-19781 enabled the actors to execute directory traversal attacks.[ CVE-2019-19781 enabled the actors to execute directory traversal attacks.[

Government

Government VPN Firmware Energy and Utilities

UK, US agencies warn of large-scale brute-force attacks carried out by Russian APT

Security Affairs

JULY 1, 2021

The attacks took place between mid-2019 and early 2021, the Russia-linked threat actor used a Kubernetes cluster to conduct anonymized brute force access against hundreds of government organizations and businesses worldwide, including think tanks, defense contractors, energy firms. ” reads the joint report.

Energy and Utilities

Energy and Utilities VPN Government Passwords

China-linked APT Volt Typhoon exploited a zero-day in Versa Director

Security Affairs

AUGUST 27, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

Energy and Utilities

Energy and Utilities Firewall Technology Malware

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

Cisco Security

AUGUST 26, 2021

With the addition of Kenna Security into our program we now have over 250 technology partners and over 400 integrations for our mutual customers to utilize. CyberArk reduces VPN risk with MFA enforcement on any VPN client that supports RADIUS; including Cisco Secure Firewall. A new panel with VPN metrics has been added.

Technology

Technology Firewall VPN Authentication

Microsoft Targets Critical Outlook Zero-Day Flaw

eSecurity Planet

MARCH 16, 2023

Block TCP 445/SMB outbound from your network by using a perimeter firewall, a local firewall, and via your VPN settings. “An unauthenticated attacker can exploit this vulnerability by sending a specially crafted packet to a targeted server that utilizes the HTTP Protocol Stack (http.sys) to process packets,” Walters observed.

Energy and Utilities

Energy and Utilities Authentication Firewall Ransomware

Herjavec Group BlackMatter Ransomware Profile

Herjavec Group

SEPTEMBER 24, 2021

on “VPN and other time-consuming types of initial access”? [1] Solar BR Coca-Cola A partnership venture between The Coca-Cola Company and two other large domestic manufacturers and distributors of beer, soft drinks, juices, energy drinks and dairy products. has publicly?claimed?that that they do not spend much time?on suggesting?this

Ransomware

Ransomware Manufacturing Encryption Energy and Utilities

Threats to ICS and industrial enterprises in 2022

SecureList

NOVEMBER 23, 2021

Energy, transport and utilities — in an attempt to gain a foothold in the critical infrastructure of a “potential adversary” just in case, and to use it to develop other attacks (see examples above). Update firewalls and SSL VPN gateways in good time.

Spyware

Spyware Phishing Cybercrime Energy and Utilities

Kali Linux Penetration Testing Tutorial: Step-By-Step Process

eSecurity Planet

APRIL 7, 2023

You may use a VPN or install utilities to capture and forward traffic to other subnets, or configure proxychains. Besides, attacking tools can send multiple probes or headers along with their requests (e.g., during scanning and discovery), which can be detected and blocked by security tools.

Penetration Testing

Penetration Testing Social Engineering Energy and Utilities Hacking

Forescout Platform: NAC Product Review

eSecurity Planet

APRIL 7, 2023

Hybrid, or mixed local/cloud networks require virtual private network (VPN) infrastructure between environments. Virtual Appliances are licensed based on the number of devices managed in five sizes: extra small (up to 100), small (up to 1,000), medium (up to 5,000), large (up to 10,000), and extra large (up to 20,000).

IoT

IoT Technology Energy and Utilities Wireless

Reassessing cyberwarfare. Lessons learned in 2022

SecureList

DECEMBER 14, 2022

Industroyer2 was discovered in the network of a Ukrainian energy provider, and it is very unlikely that the attacker would have been able to develop it without access to the same ICS equipment as used by the victim. Some of them were particularly sophisticated.

DDOS

DDOS Ransomware Government Energy and Utilities

Evolution of JSWorm ransomware

SecureList

MAY 25, 2021

Energy and Utilities (10%), Finance (10%), Professional and Consumer Services (10%), Transportation (7%), and Healthcare (7%) were also at the top of their list. Make sure commercial VPN solutions and other server-side software are always up to date as exploitation of this type of software is a common infection vector for ransomware.

Ransomware

Ransomware Encryption Malware Energy and Utilities

Potential cybersecurity impacts of Russia’s invasion of Ukraine

Malwarebytes

FEBRUARY 25, 2022

Its operators seem to leverage vulnerabilities in external-facing servers while utilizing compromised account credentials to gain access and spread the malware further. Current analyses of HermeticWiper reveal that the malware is being delivered in highly-targeted attacks in Ukraine, Latvia, and Lithuania.

Cybersecurity

Cybersecurity Ransomware Malware Government

Cyber Security Informer

Monitoring the dark web to identify threats to energy sector organizations

China-linked APT Silk Typhoon targets IT Supply Chain

Trending Sources

Analysis of the Crypt Ghouls group: continuing the investigation into a series of attacks on Russia

Cyber Threat warning issued to all internet connected UPS devices

PseudoManuscrypt: a mass-scale spyware attack campaign

Iranian Hackers Target U.S. Water Facility

Netwalker ransomware hit K-Electric, the major Pakistani electricity provider

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

PseudoManuscrypt, a mysterious massive cyber espionage campaign

FBI chief says China is preparing to attack US critical infrastructure

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

UK, US agencies warn of large-scale brute-force attacks carried out by Russian APT

China-linked APT Volt Typhoon exploited a zero-day in Versa Director

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

Microsoft Targets Critical Outlook Zero-Day Flaw

Herjavec Group BlackMatter Ransomware Profile

Threats to ICS and industrial enterprises in 2022

Kali Linux Penetration Testing Tutorial: Step-By-Step Process

Forescout Platform: NAC Product Review

Reassessing cyberwarfare. Lessons learned in 2022

Evolution of JSWorm ransomware

Potential cybersecurity impacts of Russia’s invasion of Ukraine

Stay Connected