US Energy Utilities Targeted by FlowCloud Malware

Data Breach Today

energy providers have been targeted by a spear-phishing campaign attempting to spread a recently discovered Trojan called FlowCloud, according to Proofpoint research. Proofpoint Analysts Find Connections Between New Trojan and Other Attacks Several U.S.

US Utilities Targeted with LookBack RAT in a new phishing campaign

Security Affairs

Security experts at Proofpoint observed a new wave of phishing attacks aimed at US Utilities in an attempt to deliver the LookBack RAT. Security experts at Proofpoint have discovered a new series of phishing attacks targeting entities US utilities in an attempt to deliver the LookBack RAT. In early August, the expert reported that between July 19 and July 25, 2019, several spear-phishing emails were identified? targeting three US companies in the utility sector.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

New APT ChamelGang Targets energy and aviation companies in Russia

Security Affairs

ChamelGang APT is a new cyberespionage group that focuses on fuel and energy organizations and aviation industry in Russia. The attackers placed collected data on web servers on the compromised network and then downloaded them using the Wget utility.

Coronavirus-themed campaign targets energy sector with PoetRAT

Security Affairs

Threat actors employed the previously-undetected PoetRAT Trojan in a Coronavirus-themed campaign aimed at government and energy sectors. . The malware infected ICS and SCADA systems used to control the wind turbines within the renewable energy sector.

The Scammers’ Playbook: How Cybercriminals Get Ahold of Your Data

eSecurity Planet

Phishing complaints were reported over 300,000 times in 2021 to IC3, the only Internet crime to crack 100,000+ complaints. Finance and insurance companies were particularly vulnerable to the sort of phishing scams we’re talking about. Cybercrime is a growth industry like no other.

FERC issues notice of proposed rulemaking to extend reporting requirements for cyberattacks targeting the energy sector

Data Protection Report

DHS’ webinar explained that the hackers obtained access to vendors providing computer services to electric utilities companies. The hackers used tactics such as phishing emails and watering-hole attacks. In response to such concerns, regulatory agencies are increasing reporting requirements for cyberattacks targeting the energy sector. Compliance and risk management cybercrime Data breach cyber attack data breach Energy FERC regulationOn July 23 and 25, 2018, the U.S.

Actions Target Russian Govt. Botnet, Hydra Dark Market

Krebs on Security

Federal Bureau of Investigation (FBI) says it has disrupted a giant botnet built and operated by a Russian government intelligence unit known for launching destructive cyberattacks against energy infrastructure in the United States and Ukraine. energy facilities. The U.S.

Why Russian APT Fancy Bear hacked the Ukrainian energy firm Burisma?

Security Affairs

Russia-linked cyber-espionage group hacked the Ukrainian energy company Burisma at the center of the impeachment trial of US President Donald Trump. Once credentials are phished, attackers are able to operate covertly within an organization in pursuit of their goal.”

US indicted 4 Russian government employees for attacks on critical infrastructure

Security Affairs

has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. According to the indictment, the campaigns against the energy sector campaign involved two phases.

China-linked APT40 used ScanBox Framework in a long-running espionage campaign

Security Affairs

“The joint efforts of Proofpoint and PwC researchers provide a moderate confidence assessment that recent campaigns targeting the federal government, energy, and manufacturing sectors globally may represent recent efforts by TA423 / Red Ladon.”

List of Data Breaches and Cyber Attacks in August 2022 – 97 Million Records Breached

IT Governance

August 2022 has been a lesson in being careful with whom you provide sensitive information. In a month that saw the former US president accused of misappropriating classified government documents, there were also a spate of malicious insiders compromising their employer’s systems.

The Ongoing Cyber Threat to Critical Infrastructure

Thales Cloud Protection & Licensing

The threat of attacks against Critical National Infrastructure (CNI) – energy, utilities, telecommunications, and transportation – is now front of mind for many. The Ongoing Cyber Threat to Critical Infrastructure. divya. Thu, 07/21/2022 - 12:28.

Cloud 68

List of data breaches and cyber attacks in March 2020 – 832 million records breached

IT Governance

Princess Cruises and Holland America Line caught out by phishing scam (unknown). South African utility provider Eskom is still feeling effects of a cyber security incident (unknown). Tandem Diabetes Care notifies patients of phishing incident (unknown).

Scanning for Flaws, Scoring for Security

Krebs on Security

But in a marketing email sent to FICO members on Tuesday advertising its new benchmarking feature, FICO accidentally exposed the FICO Cyber Risk Score of energy giant ExxonMobil. The marketing email was quickly recalled and reissued in a redacted version, but it seems ExxonMobil’s score of 587 puts it in the “elevated” risk category and somewhat below the mean score among large companies in the Energy and Utilities sector, which was 637.

SilverTerrier gang uses COVID-19 lures in BEC attacks against healthcare, government organizations

Security Affairs

The attacks targeted a major utility provider, a university, and a government agency in the United States, a health agency in Canada, a health insurance provider, an energy company in Australia, and a European medical publishing company to deliver various malware families.

State Attackers Moving from Stealing Data to Social Meddling

Ascent Innovations

The utilities and energy industries experienced high indicators of attack activity, suggests that attackers have access to critical infrastructure and are waiting to exploit this access. Phishing. Email phishing remains the top malware delivery mechanism. State actors tend to zero in on government agencies or utilities and energy targets. State Attackers Moving from Stealing Data to Social Meddling.

How Cobalt Strike Became a Favorite Tool of Hackers

eSecurity Planet

Cobalt Strike – now owned by HelpSystems – provides various packages and tools to detect outdated software, generate malware , test endpoints , or run spear phishing campaigns that maximize success rate. While that’s true, it requires time, effort, and energy.

The Growing Presence (and Security Risks) of IoT

Thales Cloud Protection & Licensing

That pace is unlikely to slow down over the coming years; Pagely noted that organizations are still turning to IoT devices as a way to automate and optimize their business processes as well as save on energy costs. Vulnerable devices could be used to spread malware within the enterprise, used for corporate espionage, surveillance of personnel, or plan whaling phishing campaigns. As most of us know, IoT devices are on the rise in enterprise networks.

Cloud 97

Netwalker ransomware hit K-Electric, the major Pakistani electricity provider

Security Affairs

K-Electric (KE) (formerly known as Karachi Electric Supply Company / Karachi Electric Supply Corporation Limited) is a Pakistani investor-owned utility managing all three key stages – generation, transmission and distribution – of producing and delivering energy to consumers.

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

The Last Watchdog

In fact, memory attacks have quietly emerged as a powerful and versatile new class of hacking technique that threat actors in the vanguard are utilizing to subvert conventional IT security systems. Allegedly developed by US and Israeli operatives, Stuxnet was discovered circulating through Iranian nuclear energy facilities in 2010. Today, if you examine any high-profile data breach, you’re likely to find memory-hacking techniques utilized at multiple key stages of the attack.

US Cyber Command warns of Iran-linked hackers exploiting CVE-2017-11774 Outlook flaw

Security Affairs

The APT33 group has been around since at least 2013, since mid-2016, the group targeted the aviation industry and energy companies with connections to petrochemical production. These executables are both downloaders that utilize powershell to load the PUPY RAT. It was highly speculated that spear phishes were involved, but not a lot of information around the initial vectors was published.”

List of data breaches and cyber attacks in May 2021 – 116 million records breached

IT Governance

unknown) Criminal hackers attack Ehrmann, demand millions in ransom (unknown) Criminal hackers attack Energy Hamburg Radio (unknown) Chemical distribution company Brenntag paid a $4.4 For the second month in a row, ransomware has dominated our list of data breaches and cyber attacks.

The State of Blockchain Applications in Cybersecurity

eSecurity Planet

For advantages, private blockchains are more scalable and energy-efficient with suggested use cases of banking and supply chain management. Utilizing their open standard Blokcerts, companies can transparently manage identities and activity on a real-time secure blockchain.

Weekly podcast: ICS attacks, Reddit and SIM swap arrests

IT Governance

A new report from Cybereason has highlighted the alarming scale and variety of attacks faced by ICS or industrial control systems, and it seems that it’s not only nation-state attackers but also opportunistic traditional cybercriminals that are now targeting utility providers. For the next few days,” Cybereason says, “the honeypot was hit with cryptomining bots, phishing bots, DDoS bots, activity that Internet-connected assets typically experience”.

IT 41

The Hacker Mind Podcast: Cyber Ranges

ForAllSecure

So every one of the attacks you they might have does a wonderful job and it do a great job of I'll say, having a nice taxonomy where you can kind of see here's my simple way to think about as if all of your tax your testing, I'll say a spear phishing or the same technique. Rossi: So the weather spear phishing drive, I got the box, laterally moved compromised data, took it all out. If you want to get to put the energy into it.

The Hacker Mind Podcast: Hacking Industrial Control Systems

ForAllSecure

This is ransomware, starting with a phishing attack. It's individual pieces of it that fall apart and become a nightmare for that company or that utility or whatever. You've had some partnerships with the Department of Energy and also with Sisa.