In a statement, the High Society alliance has announced a significant cyber attack in Spain. The group claims to have hacked a large number of FTP servers across the country, uploading their software to gain full control over these servers. The details of the compromised servers are also listed in the…
Tag: CRITICAL INFRASTRUCTURE
Summary: This article discusses a recent ransomware attack by the Ransomhub group on the Industrial Control Systems (ICS) of a Spanish bioenergy plant, highlighting the dangers of cyberattacks on ICS. Threat Actor: Ransomhub | Ransomhub Victim: Spanish bioenergy plant | Spanish bioenergy plant Key Po…
Summary: This content discusses the increasing use of operational relay box (ORB) networks by China-linked state-backed hackers for cyberespionage operations, posing challenges in detection and attribution. Threat Actor: China-linked state-backed hackers | China-linked state-backed hackers Victim: N…
Summary: The content discusses the actions taken by the US administration to strengthen critical infrastructure sectors, such as healthcare and water utilities, in order to fight ransomware and enhance resilience. Threat Actor: N/A Victim: N/A Key Point : National Cyber Director Harry Coker Jr. anno…
Summary: Hacktivist group Ikaruz Red Team is using leaked ransomware builders to target critical infrastructure in the Philippines, as part of a growing trend among politically motivated groups aiming to disrupt the country’s operations. Threat Actor: Ikaruz Red Team | Ikaruz Red Team Victim: Philip…
Summary: This article discusses the importance of making software bills of materials (SBOMs) more easily shareable in order to enhance visibility into enterprise software supply chains and improve security. Threat Actor: N/A Victim: N/A Key Point: Software bills of materials (SBOMs) are crucial for…
Summary: The U.S. Securities and Exchange Commission (SEC) has announced that the Intercontinental Exchange Inc. (ICE), which owns the New York Stock Exchange (NYSE), will pay a $10 million penalty for failing to timely report a VPN breach in April 2021. Threat Actor: N/A Victim: Intercontinental Ex…
Summary: The US government’s Advanced Research Projects Agency for Health (ARPA-H) is funding the development of technology to automate the process of securing hospital IT environments through a program called UPGRADE. Threat Actor: None mentioned. Victim: Hospitals and medical facilities. Key Point…
Summary: The Environmental Protection Agency (EPA) has reported that over 70% of water systems in the US fail to meet security standards, making them vulnerable to cyberattacks that can disrupt water sanitation and wastewater systems nationwide. Threat Actor: Cybercriminals | Cybercriminals Victim:…
Summary: Veeam has warned its customers about a critical security vulnerability in its Backup Enterprise Manager (VBEM) that allows unauthenticated attackers to sign into any account, urging users to patch the vulnerability or take mitigation measures. Threat Actor: Unauthenticated attackers | unaut…
CISA issued a StopRansomware alert on ALPHV/Blackcat, highlighting new C2 indicators and the Kill Chain activities associated with the threat actors. Infoblox argues its suspicious DNS domain feeds can surface and block these domains earlier, potentially break…
Summary: The content discusses the expanding enterprise attack surface and the challenges faced by security teams in managing and securing it. Threat Actor: N/A Victim: N/A Key Point : The enterprise attack surface is expanding, leading to more vulnerabilities and specific targets. Network segmentat…
Summary: This content discusses the challenges faced by security teams in consolidating and analyzing data from various sources to defend against cyber attacks. Threat Actor: N/A Victim: N/A Key Point : Security teams often work with a technology stack composed of hardware, software, and data from d…
Summary: The Norwegian National Cyber Security Centre (NCSC) recommends replacing SSLVPN/WebVPN solutions with alternatives due to the repeated exploitation of related vulnerabilities in edge network devices to breach corporate networks. Threat Actor: N/A Victim: N/A Key Point : The Norwegian NCSC a…
Summary: Two previously unknown backdoors, LunarWeb and LunarMail, have been discovered compromising the foreign affairs ministry of a European country. The campaign is attributed to Turla, a hacking group believed to be connected to the Russian Federal Security Service (FSB). Threat Actor: Turla |…