Energy and Utilities, Information Security and Security

CISA JCDC Will Focus on Energy Sector

Security Affairs

APRIL 5, 2023

This effort began with the 2018 establishment of the Cybersecurity and Infrastructure Security Agency (CISA) , a Department of Homeland Security division. Strengthen operational integration and collaboration with members of the energy sector. Not long after, attackers targeted six stations in the Pacific Northwest.

Energy and Utilities

Energy and Utilities Risk Cybersecurity Compliance

Monitoring the dark web to identify threats to energy sector organizations

Security Affairs

MAY 17, 2023

Searchlight Cyber researchers warn of threat actors that are offering on the dark web access to energy sector organizations. Dark web intelligence firm Searchlight Cyber published a report that analyzes how threat actors in the dark web prepare their malicious operations against energy organizations.

Energy and Utilities

Energy and Utilities Sales Access Data collection

A massive phishing campaign using QR codes targets the energy sector

Security Affairs

AUGUST 16, 2023

A phishing campaign employing QR codes targeted a leading energy company in the US, cybersecurity firm Cofense reported. “Beginning in May 2023, Cofense has observed a large phishing campaign utilizing QR codes targeting the Microsoft credentials of users from a wide array of industries.” ” continues the report.

Phishing

Phishing Energy and Utilities Insurance Manufacturing

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

DMEA Colorado electric utility hit by a disruptive cyberattack

Security Affairs

DECEMBER 6, 2021

A ransomware attack hit an electric utility in Colorado causing a significant disruption and damage. The Delta-Montrose Electric Association (DMEA) is a local electric cooperative located in Colorado, it is part of Touchstone Energy Cooperatives. SecurityAffairs – hacking, Colorado Electric Utility). Pierluigi Paganini.

Energy and Utilities

Energy and Utilities Ransomware Data breaches Security

FERC, NERC joint report on cyber incident response at electric utilities

Security Affairs

SEPTEMBER 21, 2020

The US FERC and NERC published a study on cyber incident response at electric utilities that also includes recovery best practices. Federal Energy Regulatory Commission (FERC) and the North American Electricity Reliability Corporation (NERC) released a study on cyber incident response and recovery best practices for electric utilities.

Energy and Utilities

Energy and Utilities Compliance Communications Cybersecurity

Breach Reveal: PG&E Exposed 30,000 Sensitive Records

Data Breach Today

AUGUST 28, 2018

Previously Unnamed Utility Reached Record $2.7 energy company that agreed to a record $2.7 million settlement after it left 30,000 records about its information security assets exposed online for 70 days in violation of energy sector cybersecurity regulations has been named as California utility PG&E.

Information Security

Information Security Cybersecurity Security IT

New APT ChamelGang Targets energy and aviation companies in Russia

Security Affairs

OCTOBER 4, 2021

ChamelGang APT is a new cyberespionage group that focuses on fuel and energy organizations and aviation industry in Russia. ChamelGang is a new APT group that was first spotted in March by researchers at security firm Positive Technologies, it targets Russian companies in the energy and aviation industry. Pierluigi Paganini.

Energy and Utilities

Energy and Utilities Phishing IT Access

DoS attack the caused disruption at US power utility exploited a known flaw

Security Affairs

SEPTEMBER 9, 2019

A DoS attack that caused disruptions at a power utility in the United States exploited a flaw in a firewall used in the facility. In May, the Department of Energy confirmed that on March 5, 2019, between 9 a.m. a cyber event disrupted energy grid operations in California, Wyoming, and Utah. and 7 p.m., and 7 p.m.,

Energy and Utilities

Energy and Utilities Communications Manufacturing Risk

US Utilities Targeted with LookBack RAT in a new phishing campaign

Security Affairs

SEPTEMBER 24, 2019

Security experts at Proofpoint observed a new wave of phishing attacks aimed at US Utilities in an attempt to deliver the LookBack RAT. Security experts at Proofpoint have discovered a new series of phishing attacks targeting entities US utilities in an attempt to deliver the LookBack RAT. nceess [. ] Nceess [. ]

Phishing

Phishing Energy and Utilities Privacy Security

NERC $10,000,000 Fine of Public Utility Highlights the Need for Cybersecurity Preparedness and CIP Compliance Programs

Data Matters

FEBRUARY 26, 2019

power grid because “many of the violations involved long durations, multiple instances of noncompliance, and repeated failures to implement physical and cyber security protections.” Critically, the utility had in place an internal compliance program at the time of the violations. Settlement Agreement at 12.

Energy and Utilities

Energy and Utilities Compliance Cybersecurity Risk

Resecurity Released a 2024 Cyber Threat Landscape Forecast

Security Affairs

DECEMBER 26, 2023

Resecurity, a Los Angeles-based cybersecurity company protecting Fortune 100 and government agencies worldwide, has compiled a comprehensive forecast outlining the imminent threats and novel security challenges anticipated in the upcoming year. Recent U.S.

Energy and Utilities

Energy and Utilities Artificial Intelligence Ransomware Data breaches

Scanning for Flaws, Scoring for Security

Krebs on Security

DECEMBER 12, 2018

Is it fair to judge an organization’s information security posture simply by looking at its Internet-facing assets for weaknesses commonly sought after and exploited by attackers, such as outdated software or accidentally exposed data and devices? the security posture of vendor partners). ENTIRELY, CERTIFIABLY PREVENTABLE.

Security

Security Energy and Utilities Risk Data breaches

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

FEBRUARY 19, 2024

Since January 2020, affiliates utilizing LockBit have targeted organizations of diverse sizes spanning critical infrastructure sectors such as financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing, and transportation. on January 5, 2020.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Financial Services

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

RedEnergy Stealer-as-a-Ransomware employed in attacks in the wild

Security Affairs

JULY 5, 2023

RedEnergy is a sophisticated stealer-as-a-ransomware that was employed in attacks targeting energy utilities, oil, gas, telecom, and machinery sectors. Zscaler ThreatLabz researchers discovered a new Stealer-as-a-Ransomware named RedEnergy used in attacks against energy utilities, oil, gas, telecom, and machinery sectors.

Energy and Utilities

Energy and Utilities Ransomware Encryption Manufacturing

Threat actors breached the network of the Italian oil company ENI

Security Affairs

AUGUST 31, 2022

Italian oil giant company Eni disclosed a security breach, threat actors gained access to its network, but according to the company the intrusion had minor consequences because it was quickly detected. The post Threat actors breached the network of the Italian oil company ENI appeared first on Security Affairs. Pierluigi Paganini.

Energy and Utilities

Energy and Utilities Ransomware Access Marketing

Security Affairs newsletter Round 344

Security Affairs

DECEMBER 12, 2021

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 344 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Energy and Utilities

Energy and Utilities Security Ransomware Libraries

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners released a joint Cybersecurity Advisory (CSA) to warn that Russia-linked threat actors are using compromised Ubiquiti EdgeRouters (EdgeRouters) to evade detection in cyber operations worldwide. .

Energy and Utilities

Energy and Utilities Military Government Phishing

US indicted 4 Russian government employees for attacks on critical infrastructure

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. According to the indictment, the campaigns against the energy sector campaign involved two phases. and international Energy Sector organizations.

Energy and Utilities

Energy and Utilities Government Cybersecurity Military

Puerto Rico was hit by a major cyberattack

Security Affairs

JANUARY 27, 2022

In March 2021, Puerto Rico Electric Power Authority (PREPA) power utility confirmed early this week that it has been hacked over the weekend. In June 2021, a large fire at the Luma’s Monacillo electrical substation in San Juan for Puerto Rico’s new electricity provider, Luma Energy, caused major blackouts across Puerto Rico on Thursday.

Energy and Utilities

Energy and Utilities Access Security IT

Everest gang demands $200K for data stolen from South Africa state-owned electricity company ESKOM

Security Affairs

OCTOBER 9, 2022

Eskom transforms inputs from the natural environment – coal, nuclear, fuel, diesel, water, and wind – into more than 90% of the energy supplied to a wide range of customers in South Africa and the Southern African Development Community (SADC) region. This week, security experts reported that ESKOM Hld SOC Ltd was having some server issues.

Energy and Utilities

Energy and Utilities Ransomware Access Sales

Tiao Discusses Utilities’ Concerns in Sharing Information with the Government

Hunton Privacy

APRIL 28, 2014

Tiao was featured on Platts Energy Week discussing the importance of the homeland security partnership between electric utility companies and the U.S. View the Platts Energy Week feature with Paul Tiao. government. In the feature, “U.S. The leak of the memo has undermined that trust.

Energy and Utilities

Energy and Utilities Government Risk Security

Iran-linked Mint Sandstorm APT targeted US critical infrastructure

Security Affairs

APRIL 19, 2023

Mint Sandstorm also used custom tools in selected targets, notably organizations in the energy and transportation sectors. The group rapidly weaponized N-day vulnerabilities in popular enterprise applications by using publicly disclosed POCs.

Energy and Utilities

Energy and Utilities Military Education Phishing

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Security Affairs

FEBRUARY 21, 2024

The NCA and its global partners have secured over 1,000 decryption keys that will allow victims of the gang to recover their files for free. Additionally, the US authorities has unveiled indictments against two Russian nationals, accusing them of conspiring to carry out LockBit attacks.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Manufacturing

Conti ransomware gang exploits Log4Shell bug in its operations

Security Affairs

DECEMBER 17, 2021

Recently the Conti gang hit the attack on the Australian energy CS Energy and threaten to leak the stolen files. “The current exploitation led to multiple use cases through which the Conti group tested the possibilities of utilizing the Log4J2 exploit. ” continues AdvIntel. Pierluigi Paganini.

Ransomware

Ransomware Energy and Utilities IT Libraries

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

Security Affairs

APRIL 2, 2023

Energy utilities and oil and gas, but also water utilities and transportation systems, are privileged targets of nation-state actors. ” concludes the report.

Energy and Utilities

Energy and Utilities Education Ransomware IT

More details about Operation Cronos that disrupted Lockbit operation

Security Affairs

FEBRUARY 20, 2024

The NCA and its global partners have secured over 1,000 decryption keys that will allow victims of the gang to recover their files for free. .” Additionally, the US authorities has unveiled indictments against two Russian nationals, accusing them of conspiring to carry out LockBit attacks. on January 5, 2020.

Energy and Utilities

Energy and Utilities Ransomware Manufacturing Agriculture

FBI confirmed that Darkside ransomware gang hit Colonial Pipeline

Security Affairs

MAY 10, 2021

Colonial Pipeline is not the first organization in the oil and energy industry targeted by the Darkside ransomware gang, in February the group the Brazilian state-owned electric utility company Copel. The post FBI confirmed that Darkside ransomware gang hit Colonial Pipeline appeared first on Security Affairs.

Ransomware

Ransomware Energy and Utilities Encryption Marketing

Johannesburg residents left in the dark after a ransomware attack at City Power

Security Affairs

JULY 25, 2019

South African electric utility City Power that provides energy to the city of Johannesburg, has suffered serious disruptions after a ransomware attack. The energy utility informed its customers via Twitter of the ransomware attack that encrypted its network, including all its databases and applications.

Energy and Utilities

Energy and Utilities Ransomware Encryption IT

Norton Crypto, the controversial cryptomining feature of Norton 360

Security Affairs

JANUARY 7, 2022

@Norton @TheHackersNews @WIRED @CondeNast @hacks4pancakes @SwiftOnSecurity Norton is installing a Cryptocurrency miner called Norton Crypto (NCrypt.exe) on end user systems with out so much as a dialogue during the install of its security product. The choice to add a crypto miner to a security suite is considered by many users absurd.

Mining

Mining Energy and Utilities Security IT

PseudoManuscrypt, a mysterious massive cyber espionage campaign

Security Affairs

DECEMBER 16, 2021

of all systems targeted by the PseudoManuscrypt malware are part of industrial control systems (ICS) used by organizations in multiple industries, including Engineering, Building Automation, Energy, Manufacturing, Construction, Utilities, and Water Management. The experts revealed that at least 7.2% Pierluigi Paganini.

Energy and Utilities

Energy and Utilities Manufacturing Archiving Authentication

Leak of Grid Vulnerabilities Creates National Security Risks

Hunton Privacy

MARCH 31, 2014

The recent leak of an internal memo to the former Chair of the Federal Energy Regulatory Commission, which was widely reported by national news media, has created a national security setback for the United States. In an article published in Intelligent Utility Update , Hunton & Williams partner Paul M.

Energy and Utilities

Energy and Utilities Risk Security Government

DHS CISA warns of Critical issues in Medtronic Medical equipment

Security Affairs

NOVEMBER 9, 2019

Department of Homeland Security (DHS) warns of critical flaws impacting Medtronic Valleylab products that could allow hackers to overwrite files and achieve remote code execution. Another vulnerability is related to the use of a vulnerable version of the rssh utility in these products to facilitate file uploads. Pierluigi Paganini.

Energy and Utilities

Energy and Utilities Cybersecurity Access Passwords

SilverTerrier gang uses COVID-19 lures in BEC attacks against healthcare, government organizations

Security Affairs

MAY 9, 2020

The attacks targeted a major utility provider, a university, and a government agency in the United States, a health agency in Canada, a health insurance provider, an energy company in Australia, and a European medical publishing company to deliver various malware families. Pierluigi Paganini. SecurityAffairs – BEC, COVID-19).

Government

Government Energy and Utilities Insurance Phishing

Risky Business Aging critical infrastructure networks and advanced attacks

Thales Cloud Protection & Licensing

MAY 13, 2021

Ransomware is the outcome of the overarching problem of underlying network security shortcomings and unauthorized access to critical infrastructure leaving it vulnerable to cyberattacks. And unfortunately, security is often an afterthought. Data security. The Ugly Truth. Modernizing Critical Infrastructure. Encryption.

Energy and Utilities

Energy and Utilities Encryption Access Ransomware

Ragnar Ransomware encrypts files from virtual machines to evade detection

Security Affairs

MAY 25, 2020

Ragnar Locker deploys Windows XP virtual machines to encrypt victim’s files, the trick allows to evaded detection from security software. Crooks always devise new techniques to evade detection, the Ragnar Locker is deploying Windows XP virtual machines to encrypt victim’s files while bypassing security measures.

Encryption

Encryption Ransomware Energy and Utilities File names

STEPS FORWARD: Math geniuses strive to make a pivotal advance — by obfuscating software code

The Last Watchdog

NOVEMBER 16, 2020

Simply put, iO must be achieved in order to preserve privacy and security while tapping into the next generation of IT infrastructure. It will, of course, be vital to have these next-gen, AI-infused systems run securely, in ways that preserve individual privacy. An intolerable security bottleneck, in fact, is taking shape.

Computer and Electronics

Computer and Electronics Encryption Energy and Utilities Cloud

FERC Approves NERC’s Supply Chain Risk Management Reliability Standards and Directs NERC to Expand Their Scope

Data Matters

OCTOBER 29, 2018

A string of Governmental announcements have increasingly sounded the alarm about the growing cybersecurity threat facing the energy sector. Among other things, these reports have announced that state-sponsored cyber actors have successfully gained access to the control rooms of utilities.

Risk

Risk Energy and Utilities Computer and Electronics Authentication

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Security Affairs

SEPTEMBER 15, 2020

CISA published a security advisory warning of a wave of attacks carried out by China-linked APT groups affiliated with China’s Ministry of State Security. ” reads the security advisory. Government agencies.” CVE-2019-19781 enabled the actors to execute directory traversal attacks.[ 1 ] continues the advisory.

Government

Government Energy and Utilities Healthcare Access

TrickBot member extradited to US faces up to 60 years in prison

Security Affairs

OCTOBER 30, 2021

“Trickbot attacked businesses and victims across the globe and infected millions of computers for theft and ransom, including networks of schools, banks, municipal governments, and companies in the health care, energy, and agriculture sectors,” said Deputy Attorney General Lisa O. 6, in Miami, Florida.”. Pierluigi Paganini.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Government

China Publishes Draft Regulations on Protecting the Security of Key Information Infrastructure

Hunton Privacy

JULY 11, 2017

On July 10, 2017, the Cyberspace Administration of China published a new draft of its Regulations on Protecting the Security of Key Information Infrastructure (the “Draft Regulations”), and invited comment from the general public. This post has been updated. .

Energy and Utilities

Energy and Utilities Security Cybersecurity Manufacturing

NHTSA Releases New Automobile Cybersecurity Best Practices

Hunton Privacy

OCTOBER 28, 2016

The guidance, entitled Cybersecurity Best Practices for Modern Vehicles (the “Cybersecurity Guidance”), was recently previewed in correspondence with the House of Representatives’ Committee on Energy and Commerce (“Energy and Commerce Committee”).

Cybersecurity

Cybersecurity Energy and Utilities Manufacturing Insurance

China’s Cybersecurity Law Undergoes Third Reading

Hunton Privacy

NOVEMBER 2, 2016

The relevant industry sectors include public communication and information services, energy, transportation, water resources utilization, finance, public service and e-government affairs. The State Council will formulate the specific scope of “key information infrastructures” and the required security protection measures.

Cybersecurity

Cybersecurity Energy and Utilities Communications Government

CISA JCDC Will Focus on Energy Sector

Monitoring the dark web to identify threats to energy sector organizations

Webinars

Trending Sources

A massive phishing campaign using QR codes targets the energy sector

Webinars

DMEA Colorado electric utility hit by a disruptive cyberattack

FERC, NERC joint report on cyber incident response at electric utilities

Breach Reveal: PG&E Exposed 30,000 Sensitive Records

New APT ChamelGang Targets energy and aviation companies in Russia

DoS attack the caused disruption at US power utility exploited a known flaw

US Utilities Targeted with LookBack RAT in a new phishing campaign

NERC $10,000,000 Fine of Public Utility Highlights the Need for Cybersecurity Preparedness and CIP Compliance Programs

Resecurity Released a 2024 Cyber Threat Landscape Forecast

Scanning for Flaws, Scoring for Security

FBI chief says China is preparing to attack US critical infrastructure

Operation Cronos: law enforcement disrupted the LockBit operation

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

RedEnergy Stealer-as-a-Ransomware employed in attacks in the wild

Threat actors breached the network of the Italian oil company ENI

Security Affairs newsletter Round 344

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

US indicted 4 Russian government employees for attacks on critical infrastructure

Puerto Rico was hit by a major cyberattack

Everest gang demands $200K for data stolen from South Africa state-owned electricity company ESKOM

Tiao Discusses Utilities’ Concerns in Sharing Information with the Government

Iran-linked Mint Sandstorm APT targeted US critical infrastructure

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Conti ransomware gang exploits Log4Shell bug in its operations

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

More details about Operation Cronos that disrupted Lockbit operation

FBI confirmed that Darkside ransomware gang hit Colonial Pipeline

Johannesburg residents left in the dark after a ransomware attack at City Power

Norton Crypto, the controversial cryptomining feature of Norton 360

PseudoManuscrypt, a mysterious massive cyber espionage campaign

Leak of Grid Vulnerabilities Creates National Security Risks

DHS CISA warns of Critical issues in Medtronic Medical equipment

SilverTerrier gang uses COVID-19 lures in BEC attacks against healthcare, government organizations

Risky Business Aging critical infrastructure networks and advanced attacks

Ragnar Ransomware encrypts files from virtual machines to evade detection

STEPS FORWARD: Math geniuses strive to make a pivotal advance — by obfuscating software code

FERC Approves NERC’s Supply Chain Risk Management Reliability Standards and Directs NERC to Expand Their Scope

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

TrickBot member extradited to US faces up to 60 years in prison

China Publishes Draft Regulations on Protecting the Security of Key Information Infrastructure

NHTSA Releases New Automobile Cybersecurity Best Practices

China’s Cybersecurity Law Undergoes Third Reading

Stay Connected