Many major energy providers in the US face persistent cybersecurity vulnerabilities due to outdated tools and limited visibility, especially on non-standard ports and IPv6 addresses. The report highlights systemic risks, active exploits by nation-state groups, and the need for comprehensive scanning practices. #SilentChollima #ExCobalt
Key points
- Researchers analyzed nearly 40,000 IP addresses across 21 energy companies, revealing extensive exposed services.
- Approximately 7% of services operate on non-standard ports, often undetected by common scanning tools.
- Over 5,700 CVEs were identified, with 377 actively exploited by threat actor groups like Silent Chollima and ExCobalt.
- Shared vulnerabilities, such as CVE-2023-38408, were found across multiple organizations, indicating systemic risks.
- The report emphasizes the importance of full port-range scans and IPv6 visibility to improve cybersecurity defenses.
Read More: https://www.helpnetsecurity.com/2025/08/07/us-energy-sector-cybersecurity-vulnerabilities/