Data Breach Today

AUGUST 28, 2018

Previously Unnamed Utility Reached Record $2.7 energy company that agreed to a record $2.7 million settlement after it left 30,000 records about its information security assets exposed online for 70 days in violation of energy sector cybersecurity regulations has been named as California utility PG&E.

Information Security 117

Information Security Cybersecurity Security IT 117

Security Affairs

SEPTEMBER 9, 2019

A DoS attack that caused disruptions at a power utility in the United States exploited a flaw in a firewall used in the facility. In May, the Department of Energy confirmed that on March 5, 2019, between 9 a.m. a cyber event disrupted energy grid operations in California, Wyoming, and Utah. and 7 p.m., and 7 p.m.,

Energy and Utilities 84

Energy and Utilities Communications Manufacturing Risk 84

Security Affairs

SEPTEMBER 24, 2019

Security experts at Proofpoint observed a new wave of phishing attacks aimed at US Utilities in an attempt to deliver the LookBack RAT. Security experts at Proofpoint have discovered a new series of phishing attacks targeting entities US utilities in an attempt to deliver the LookBack RAT. nceess [. ] Nceess [. ]

Phishing 78

Phishing Energy and Utilities Privacy Security 78

Data Matters

FEBRUARY 26, 2019

power grid because “many of the violations involved long durations, multiple instances of noncompliance, and repeated failures to implement physical and cyber security protections.” Critically, the utility had in place an internal compliance program at the time of the violations. Settlement Agreement at 12.

Energy and Utilities 66

Energy and Utilities Compliance Cybersecurity Risk 66

Security Affairs

SEPTEMBER 26, 2024

It is widely used for automating machines and processes in industries like manufacturing, energy, and utilities. OpenPLC is an open-source programmable logic controller (PLC) designed to offer a low-cost solution for industrial automation.

Energy and Utilities 127

Energy and Utilities Manufacturing IT Information Security 127

Krebs on Security

DECEMBER 12, 2018

Is it fair to judge an organization’s information security posture simply by looking at its Internet-facing assets for weaknesses commonly sought after and exploited by attackers, such as outdated software or accidentally exposed data and devices? the security posture of vendor partners). ENTIRELY, CERTIFIABLY PREVENTABLE.

Security 205

Security Energy and Utilities Risk Data breaches 205

Security Affairs

DECEMBER 26, 2023

Resecurity, a Los Angeles-based cybersecurity company protecting Fortune 100 and government agencies worldwide, has compiled a comprehensive forecast outlining the imminent threats and novel security challenges anticipated in the upcoming year. Recent U.S.

Energy and Utilities 125

Energy and Utilities Artificial Intelligence Ransomware Data breaches 125

Security Affairs

DECEMBER 12, 2021

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 344 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Energy and Utilities 67

Energy and Utilities Security Ransomware Libraries 67

Security Affairs

AUGUST 31, 2022

Italian oil giant company Eni disclosed a security breach, threat actors gained access to its network, but according to the company the intrusion had minor consequences because it was quickly detected. The post Threat actors breached the network of the Italian oil company ENI appeared first on Security Affairs. Pierluigi Paganini.

Energy and Utilities 102

Energy and Utilities Ransomware Access Marketing 102

Security Affairs

FEBRUARY 19, 2024

Since January 2020, affiliates utilizing LockBit have targeted organizations of diverse sizes spanning critical infrastructure sectors such as financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing, and transportation. on January 5, 2020.

Energy and Utilities 114

Energy and Utilities Ransomware Agriculture Financial Services 114

Security Affairs

FEBRUARY 8, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Energy and Utilities 118

Energy and Utilities Communications Military Manufacturing 118

Security Affairs

JULY 5, 2023

RedEnergy is a sophisticated stealer-as-a-ransomware that was employed in attacks targeting energy utilities, oil, gas, telecom, and machinery sectors. Zscaler ThreatLabz researchers discovered a new Stealer-as-a-Ransomware named RedEnergy used in attacks against energy utilities, oil, gas, telecom, and machinery sectors.

Ransomware 85

Ransomware Energy and Utilities Encryption Manufacturing 85

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. According to the indictment, the campaigns against the energy sector campaign involved two phases. and international Energy Sector organizations.

Energy and Utilities 100

Energy and Utilities Government Cybersecurity Military 100

Security Affairs

JANUARY 27, 2022

In March 2021, Puerto Rico Electric Power Authority (PREPA) power utility confirmed early this week that it has been hacked over the weekend. In June 2021, a large fire at the Luma’s Monacillo electrical substation in San Juan for Puerto Rico’s new electricity provider, Luma Energy, caused major blackouts across Puerto Rico on Thursday.

Energy and Utilities 105

Energy and Utilities Access Security IT 105

Security Affairs

APRIL 19, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Energy and Utilities 107

Energy and Utilities Communications Military Access 107

Security Affairs

OCTOBER 9, 2022

Eskom transforms inputs from the natural environment – coal, nuclear, fuel, diesel, water, and wind – into more than 90% of the energy supplied to a wide range of customers in South Africa and the Southern African Development Community (SADC) region. This week, security experts reported that ESKOM Hld SOC Ltd was having some server issues.

Energy and Utilities 94

Energy and Utilities Ransomware Access Sales 94

Hunton Privacy

APRIL 28, 2014

Tiao was featured on Platts Energy Week discussing the importance of the homeland security partnership between electric utility companies and the U.S. View the Platts Energy Week feature with Paul Tiao. government. In the feature, “U.S. The leak of the memo has undermined that trust.

Energy and Utilities 40

Energy and Utilities Government Risk Security 40

Security Affairs

FEBRUARY 28, 2024

The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners released a joint Cybersecurity Advisory (CSA) to warn that Russia-linked threat actors are using compromised Ubiquiti EdgeRouters (EdgeRouters) to evade detection in cyber operations worldwide. .

Energy and Utilities 106

Energy and Utilities Military Government Phishing 106

Security Affairs

JUNE 6, 2024

” said Bryan Vorndran, the Assistant Director at the FBI Cyber Division, during the 2024 Boston Conference on Cyber Security. The NCA and its global partners have secured over 1,000 decryption keys that will allow victims of the gang to recover their files for free. on January 5, 2020.

Energy and Utilities 116

Energy and Utilities Ransomware Agriculture Encryption 116

Security Affairs

DECEMBER 17, 2021

Recently the Conti gang hit the attack on the Australian energy CS Energy and threaten to leak the stolen files. “The current exploitation led to multiple use cases through which the Conti group tested the possibilities of utilizing the Log4J2 exploit. ” continues AdvIntel. Pierluigi Paganini.

Ransomware 134

Ransomware Energy and Utilities IT Libraries 134

Security Affairs

APRIL 11, 2021

The “accident” impacted the electricity distribution network at Iran’s Natanz nuclear facility, Atomic Energy Organization of Iran spokesman Behrouz Kamalvandi told the Iranian Fars News Agency. . If you want to receive the weekly Security Affairs Newsletter for free subscribe here. ” continues the JP.

Energy and Utilities 119

Energy and Utilities Military IT Security 119

Security Affairs

APRIL 19, 2023

Mint Sandstorm also used custom tools in selected targets, notably organizations in the energy and transportation sectors. The group rapidly weaponized N-day vulnerabilities in popular enterprise applications by using publicly disclosed POCs.

Energy and Utilities 90

Energy and Utilities Military Education Phishing 90

Security Affairs

MAY 10, 2021

Colonial Pipeline is not the first organization in the oil and energy industry targeted by the Darkside ransomware gang, in February the group the Brazilian state-owned electric utility company Copel. The post FBI confirmed that Darkside ransomware gang hit Colonial Pipeline appeared first on Security Affairs.

Ransomware 142

Ransomware Energy and Utilities Encryption Marketing 142

Security Affairs

APRIL 2, 2023

Energy utilities and oil and gas, but also water utilities and transportation systems, are privileged targets of nation-state actors. ” concludes the report.

Energy and Utilities 88

Energy and Utilities Education Ransomware IT 88

Security Affairs

FEBRUARY 21, 2024

The NCA and its global partners have secured over 1,000 decryption keys that will allow victims of the gang to recover their files for free. Additionally, the US authorities has unveiled indictments against two Russian nationals, accusing them of conspiring to carry out LockBit attacks.

Energy and Utilities 99

Energy and Utilities Ransomware Agriculture Manufacturing 99

Security Affairs

AUGUST 27, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

Energy and Utilities 122

Energy and Utilities Communications Authentication Access 122

Security Affairs

JULY 25, 2019

South African electric utility City Power that provides energy to the city of Johannesburg, has suffered serious disruptions after a ransomware attack. The energy utility informed its customers via Twitter of the ransomware attack that encrypted its network, including all its databases and applications.

Energy and Utilities 81

Energy and Utilities Ransomware Encryption IT 81

Security Affairs

DECEMBER 16, 2021

of all systems targeted by the PseudoManuscrypt malware are part of industrial control systems (ICS) used by organizations in multiple industries, including Engineering, Building Automation, Energy, Manufacturing, Construction, Utilities, and Water Management. The experts revealed that at least 7.2% Pierluigi Paganini.

Energy and Utilities 119

Energy and Utilities Manufacturing Archiving Authentication 119

Security Affairs

JANUARY 7, 2022

@Norton @TheHackersNews @WIRED @CondeNast @hacks4pancakes @SwiftOnSecurity Norton is installing a Cryptocurrency miner called Norton Crypto (NCrypt.exe) on end user systems with out so much as a dialogue during the install of its security product. The choice to add a crypto miner to a security suite is considered by many users absurd.

Mining 93

Mining Energy and Utilities Security IT 93

Security Affairs

FEBRUARY 20, 2024

The NCA and its global partners have secured over 1,000 decryption keys that will allow victims of the gang to recover their files for free. .” Additionally, the US authorities has unveiled indictments against two Russian nationals, accusing them of conspiring to carry out LockBit attacks. on January 5, 2020.

Energy and Utilities 109

Energy and Utilities Ransomware Manufacturing Agriculture 109

Hunton Privacy

MARCH 31, 2014

The recent leak of an internal memo to the former Chair of the Federal Energy Regulatory Commission, which was widely reported by national news media, has created a national security setback for the United States. In an article published in Intelligent Utility Update , Hunton & Williams partner Paul M.

Energy and Utilities 40

Energy and Utilities Risk Security Government 40

The Last Watchdog

NOVEMBER 16, 2020

Simply put, iO must be achieved in order to preserve privacy and security while tapping into the next generation of IT infrastructure. It will, of course, be vital to have these next-gen, AI-infused systems run securely, in ways that preserve individual privacy. An intolerable security bottleneck, in fact, is taking shape.

Computer and Electronics 182

Computer and Electronics Encryption Energy and Utilities Cloud 182

Security Affairs

AUGUST 31, 2022

“The joint efforts of Proofpoint and PwC researchers provide a moderate confidence assessment that recent campaigns targeting the federal government, energy, and manufacturing sectors globally may represent recent efforts by TA423 / Red Ladon.” ” read the report published by the experts. Pierluigi Paganini.

Energy and Utilities 96

Energy and Utilities Manufacturing Phishing Government 96

Security Affairs

MAY 9, 2020

The attacks targeted a major utility provider, a university, and a government agency in the United States, a health agency in Canada, a health insurance provider, an energy company in Australia, and a European medical publishing company to deliver various malware families. Pierluigi Paganini. SecurityAffairs – BEC, COVID-19).

Government 68

Government Energy and Utilities Insurance Phishing 68

Security Affairs

NOVEMBER 9, 2019

Department of Homeland Security (DHS) warns of critical flaws impacting Medtronic Valleylab products that could allow hackers to overwrite files and achieve remote code execution. Another vulnerability is related to the use of a vulnerable version of the rssh utility in these products to facilitate file uploads. Pierluigi Paganini.

Energy and Utilities 47

Energy and Utilities Cybersecurity Access Passwords 47

Thales Cloud Protection & Licensing

MAY 13, 2021

Ransomware is the outcome of the overarching problem of underlying network security shortcomings and unauthorized access to critical infrastructure leaving it vulnerable to cyberattacks. And unfortunately, security is often an afterthought. Data security. The Ugly Truth. Modernizing Critical Infrastructure. Encryption.

Energy and Utilities 77

Energy and Utilities Encryption Access Ransomware 77

Security Affairs

NOVEMBER 29, 2020

” During the last campaign, the hackers targeted multiple sectors including Government, financial, energy, food industry, healthcare, education, IT, and legal institutions. Samples from the Dark Caracal campaign (2017) utilized around 100 commands, compared to the current 120 command version we analyzed.

Energy and Utilities 127

Energy and Utilities Government Archiving Education 127