A newly developed PLC malware does not require physical access to target an ICS environment, is mostly platform neutral, and is more resilient than traditional malware aimed at critical infrastructure.
Tag: CRITICAL INFRASTRUCTURE
The BlackCat ransomware gang is pulling an exit scam, trying to shut down and run off with affiliates’ money by pretending the FBI seized their site and infrastructure. […]
As artificial intelligence (AI) technologies advance, researchers are voicing concerns about the possibility of AI-fueled cyber-physical attacks on critical US infrastructure. Last month, the FBI warned that Chinese hackers might impair critical sectors such as water treatment, electrical, and trans…
Ransomware cybercrime gangs GhostSec and Stormous have teamed up in widespread double-extortion attacks.
Yet challenges remain as many nations’ policies for the email authentication protocol remain lax and could run afoul of Google’s and Yahoo’s restrictions.
In 2023, a majority of African economies witnessed a decline in overall cyber threats, signaling a positive trend. However, notable exceptions were observed, with Kenya experiencing a substantial 68% increase in ransomware attacks, while South Africa encountered a notable 29% surge in phishing incid…
The Linux Foundation last week announced the launch of an open source digital financial transaction monitoring platform. The new platform, Tazama, is meant to provide powerful, scalable, and cost-effective monitoring of digital payments, to make advanced financial monitoring more broadly available,…
U.S. cybersecurity and intelligence agencies have warned of Phobos ransomware attacks targeting government and critical infrastructure entities, outlining the various tactics and techniques the threat actors have adopted to deploy the file-encrypting malware.
“Structured as a ransomware as a service (RaaS) model, Phobos ransomware actors have targeted entities including municipal and
Insidious Taurus (also known as Volt Typhoon) is a PRC-aligned APT that pre-positions inside U.S. critical infrastructure by exploiting internet-facing devices and chaining compromised SOHO equipment into covert relay networks such as the KV-botnet. Their tool…
AttackIQ has released a new attack graph in response to the recently published CISA Advisory (AA24-038A) which assesses that the People’s Republic of China (PRC) state-sponsored cyber actors are seeking to pre-position themselves on IT networks for disruptive or destructive cyberattacks against U.S. critical infrastructure in the event of a major…
The Importance of Patching: An Analysis of the Exploitation of N-Day Vulnerabilities | Fortinet Blog
Fortinet analyzes the exploitation of known Fortinet N-Day vulnerabilities in FortiOS, detailing multi-cluster malware activity that uses living-off-the-land techniques and persistence mechanisms to target government and critical infrastructure. The report lin…
U.S. agencies warn that PRC-aligned Volt Typhoon actors have been pre-positioning long‑term access in U.S. critical-infrastructure IT environments—using living-off-the-land techniques, valid credentials, and covert proxying to enable lateral movement toward OT…
If you have anything to do with cyber security, you know it employs its own unique and ever-evolving language. Jargon and acronyms are the enemies of clear writing—and are beloved by cyber security experts. So Morphisec has created a comprehensive cyber security glossary that explains commonly…
Iranian intelligence and military, along with contractors, target democratic processes in Western countries, including the 2020 US election.
A colossal wave of stolen personally identifiable information (PII) from Thailand has crashed onto the shores of the dark web, marking a disturbing escalation in cybercriminal activities. This massive leak, unprecedented in its scale and audacity, has exposed the personal data of millions, casting a l…