The Last Watchdog

FEBRUARY 3, 2020

Samide and other experts say what’s coming next is very likely to be a series of varied attacks as combatants on all sides leverage footholds gained from ongoing intelligence gathering and malware planting. It’s notable that hacks to gain access to, and maintain control of, industrial control systems are a recurring theme in cyber warfare.

Energy and Utilities 330

Energy and Utilities Malware Hacking Passwords 330

Security Affairs

DECEMBER 6, 2021

A ransomware attack hit an electric utility in Colorado causing a significant disruption and damage. The Delta-Montrose Electric Association (DMEA) is a local electric cooperative located in Colorado, it is part of Touchstone Energy Cooperatives. SecurityAffairs – hacking, Colorado Electric Utility). Pierluigi Paganini.

Energy and Utilities 112

Energy and Utilities Cyber Attacks Ransomware Data breaches 112

Security Affairs

SEPTEMBER 24, 2019

Security experts at Proofpoint observed a new wave of phishing attacks aimed at US Utilities in an attempt to deliver the LookBack RAT. Security experts at Proofpoint have discovered a new series of phishing attacks targeting entities US utilities in an attempt to deliver the LookBack RAT. nceess [. ] Nceess [. ]

Phishing 100

Phishing Energy and Utilities Advertising Engineering 100

Security Affairs

OCTOBER 21, 2018

Attackers are targeting high-value servers using a three of hacking tools from NSA arsenal, including DarkPulsar, that were leaked by the Shadow Brokers hacker group. The hackers used the powerful cyber weapons to compromise systems used in aerospace, nuclear energy, R&D, and other industries. Pierluigi Paganini.

Hacking 111

Hacking Energy and Utilities Advertising Authentication 111

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. “In total, these hacking campaigns targeted thousands of computers, at hundreds of companies and organizations, in approximately 135 countries.”

Government 117

Government Energy and Utilities Malware Hacking 117

Joseph Steinberg

MAY 12, 2021

In late 2016, hackers, perhaps acting on behalf of the Russian government, utilized multiple pieces of malware to both knock out power to large segments of Ukraine and to simultaneously disable the phone communications capabilities of the impacted power providers, thereby complicating recovery efforts.

Energy and Utilities 219

Energy and Utilities Ransomware Artificial Intelligence Cyber Attacks 219

Security Affairs

DECEMBER 16, 2021

The name PseudoManuscrypt comes from the similarities with the Manuscrypt malware used by the North Korea-linked Lazarus APT group in attacks aimed at the defense industry. The PseudoManuscrypt loader is delivered via a Malware-as-a-Service (MaaS) platform that distributes the malicious code in pirated software installer archives.

Spyware 139

Spyware Energy and Utilities Malware Engineering 139

Security Affairs

AUGUST 31, 2022

Ransomware is a type of malware that locks computers and blocks access to files in lieu of a payment. The Italian energy sector appears to be under attack, over the weekend, Italy’s energy agency Gestore dei Servizi Energetici SpA was hit by a cyber attack. SecurityAffairs – hacking, ENI). Pierluigi Paganini.

Energy and Utilities 108

Energy and Utilities Ransomware Cyber Attacks Hacking 108

Security Affairs

DECEMBER 17, 2021

Conti operators run a private Ransomware-as-a-Service (RaaS), the malware appeared in the threat landscape at the end of December 2019 and was distributed through TrickBot infections. Recently the Conti gang hit the attack on the Australian energy CS Energy and threaten to leak the stolen files. ” continues AdvIntel.

Ransomware 139

Ransomware Energy and Utilities Cybercrime Malware 139

Security Affairs

MAY 19, 2020

Real-Life Examples of Spear-Phishing Attacks in the Energy Production Sector. The threat of spear-phishing for energy companies is, unfortunately, not a theoretical one. Downloading them infected a user’s system with a type of trojan spyware not previously seen in other utilities industry cyberattacks. Not a New Concern.

Energy and Utilities 124

Energy and Utilities Phishing Advertising Technology 124

Security Affairs

NOVEMBER 29, 2020

. “During this past year, dozens of digitally signed variants of this once commodity malware started to reappear in the threat landscape, reigniting interest in this old malware family.” Experts observed several samples of the malware that were digitally signed with valid certificates issued by Certum.

Energy and Utilities 138

Energy and Utilities Malware Government Healthcare 138

Security Affairs

FEBRUARY 19, 2024

Since January 2020, affiliates utilizing LockBit have targeted organizations of diverse sizes spanning critical infrastructure sectors such as financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing, and transportation. on January 5, 2020. on January 5, 2020.

Energy and Utilities 136

Energy and Utilities Ransomware Financial Services Manufacturing 136

Security Affairs

JULY 5, 2023

RedEnergy is a sophisticated stealer-as-a-ransomware that was employed in attacks targeting energy utilities, oil, gas, telecom, and machinery sectors. Zscaler ThreatLabz researchers discovered a new Stealer-as-a-Ransomware named RedEnergy used in attacks against energy utilities, oil, gas, telecom, and machinery sectors.

Energy and Utilities 98

Energy and Utilities Ransomware Backups Malware 98

Security Affairs

FEBRUARY 28, 2024

. “As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” The court order allowed authorities to use the Moobot malware to copy and delete stolen and malicious data and files from compromised routers.

Energy and Utilities 134

Energy and Utilities Government Firewall Malware 134

SecureWorld News

FEBRUARY 1, 2024

The United States continues to grapple with cyber intrusions emanating from sophisticated hacking groups affiliated with the Chinese government. It was controlled by a prolific Chinese hacking group tracked as Volt Typhoon. Investigations into Volt Typhoon's extensive infrastructure hacking campaign remain ongoing.

Energy and Utilities 127

Energy and Utilities Government Hacking Malware 127

Security Affairs

DECEMBER 26, 2023

2️ Cyber Attacks Against Energy (Oil & Gas) and Nuclear Sectors Critical infrastructure across all domains continues to remain a focal point for cyber-attacks, orchestrated by both cybercriminal elements and nation-state actors.

Cyber threats 139

Cyber threats Energy and Utilities Cyber Attacks Artificial Intelligence 139

Security Affairs

APRIL 11, 2021

The “accident” impacted the electricity distribution network at Iran’s Natanz nuclear facility, Atomic Energy Organization of Iran spokesman Behrouz Kamalvandi told the Iranian Fars News Agency. . SecurityAffairs – hacking, Iran). ” reads the post published by Jerusalem Post. ” continues the JP.

Cyber Attacks 135

Cyber Attacks Energy and Utilities Media Hacking 135

Security Affairs

SEPTEMBER 6, 2018

Schneider Electric announced that some of the USB drives it has shipped with its Conext ComBox and Conext Battery Monitor products were infected with malware. Both products are part of the solar energy offering of the vendor. These USB removable media contain user documentation and non-essential software utilities.

Malware 81

Malware Energy and Utilities Manufacturing Media 81

Security Affairs

JANUARY 28, 2020

Snake Ransomware was first detected by researchers from MalwareHunterTeam last week and analyzed it with the support of the popular malware analysts Vitali Kremez. Then the malware encrypts the files on the system, skipping Windows system files and folders. “Using an already “proven” malware (i.e. ” concludes OTORIO.

Ransomware 129

Ransomware Energy and Utilities Manufacturing Malware 129

Security Affairs

SEPTEMBER 9, 2020

K-Electric (KE) (formerly known as Karachi Electric Supply Company / Karachi Electric Supply Corporation Limited) is a Pakistani investor-owned utility managing all three key stages – generation, transmission and distribution – of producing and delivering energy to consumers. SecurityAffairs – hacking, Netwalker).

Ransomware 145

Ransomware Energy and Utilities VPN Advertising 145

Security Affairs

FEBRUARY 8, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. Most of the impacted organizations are in the Communications, Energy, Transportation Systems, and Water and Wastewater Systems sectors.

Energy and Utilities 136

Energy and Utilities VPN Manufacturing Firewall 136

Security Affairs

OCTOBER 9, 2022

Everest ransomware operators claimed to have hacked South Africa state-owned company ESKOM Hld SOC Ltd. Eskom is one of the few remaining vertically integrated utilities connected to the Southern African Power Pool (SAPP) through an interconnected grid, which serves to support grid stability. SecurityAffairs – hacking, ESKOM).

Energy and Utilities 102

Energy and Utilities Ransomware InfoSec Hacking 102

Security Affairs

JULY 25, 2019

South African electric utility City Power that provides energy to the city of Johannesburg, has suffered serious disruptions after a ransomware attack. The energy utility informed its customers via Twitter of the ransomware attack that encrypted its network, including all its databases and applications.

Energy and Utilities 105

Energy and Utilities Ransomware Advertising Encryption 105

Security Affairs

JUNE 6, 2024

Through our close collaboration, we have hacked the hackers; taken control of their infrastructure, seized their source code, and obtained keys that will help victims decrypt their systems.” Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, ransomware)

Energy and Utilities 138

Energy and Utilities Ransomware Encryption Financial Services 138

Security Affairs

JUNE 30, 2019

The APT33 group has been around since at least 2013, since mid-2016, the group targeted the aviation industry and energy companies with connections to petrochemical production. Most of the domains (60%) were associated with malware families related to njRAT infections, a malware wasn’t previously associated with APT33.

Energy and Utilities 102

Energy and Utilities Advertising Retail Healthcare 102

Security Affairs

AUGUST 27, 2024

” This malware, designed specifically for Versa Director, currently has zero detections on VirusTotal. The malware is developed through Apache Maven, it was built on June 3, 2024, and attaches itself to the Apache Tomcat process on execution. Black Lotus Labs detected unusual traffic indicating the exploitation of several U.S.

Energy and Utilities 131

Energy and Utilities Firewall Technology Malware 131

Security Affairs

OCTOBER 30, 2021

Dunaev, also known as FFX, was involved in the development of a browser injection module for the Trickbot malware. Investigators believe that the TrickBot gang was composed of at least 17 members, malware managers, malware developers, crypters, and spammers. Sentencing Guidelines and other statutory factors.”

Identity Theft 110

Identity Theft Energy and Utilities Malware Banking 110

Security Affairs

APRIL 19, 2023

Mint Sandstorm also used custom tools in selected targets, notably organizations in the energy and transportation sectors. In the last stage of the attack, the subgroup deploys a custom malware variant, such as Drokbk or Soldier instead of using publicly available tools and simple scripts. ” concludes Microsoft.

Energy and Utilities 98

Energy and Utilities Accountability Education Media 98

Security Affairs

MAY 25, 2020

One of the victims of the ransomware is the energy giant Energias de Portugal (EDP) , where the attackers claimed to have stolen 10 TB of files. The malware leverage a VirtualBox feature that allows the host operating system to share folders and drives as a network share inside a virtual machine. Pierluigi Paganini.

Encryption 137

Encryption Ransomware Energy and Utilities Advertising 137

Security Affairs

JULY 2, 2019

Malware is currently delivered from: 'hxxps://customermgmt.net/page/macrocosm' #cybersecurity #infosec — USCYBERCOM Malware Alert (@CNMF_VirusAlert) July 2, 2019. These executables are both downloaders that utilize powershell to load the PUPY RAT. The attacks are targeting U.S. industries and government agencies.

Energy and Utilities 110

Energy and Utilities Malware Advertising InfoSec 110

Security Affairs

FEBRUARY 21, 2024

Since January 2020, affiliates utilizing LockBit have targeted organizations of diverse sizes spanning critical infrastructure sectors such as financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing, and transportation.

Energy and Utilities 134

Energy and Utilities Ransomware Manufacturing Financial Services 134

Security Affairs

FEBRUARY 20, 2024

Through our close collaboration, we have hacked the hackers; taken control of their infrastructure, seized their source code, and obtained keys that will help victims decrypt their systems.” Follow me on Twitter: @securityaffairs and Facebook Pierluigi Paganini ( SecurityAffairs – hacking, ransomware) on January 5, 2020.

Energy and Utilities 134

Energy and Utilities Ransomware Manufacturing Financial Services 134

Security Affairs

APRIL 2, 2023

The documents demonstrate that it also developed hacking tools for the Russia-linked APT group Sandworm. The company was commissioned for the development of tools, training programs, and a hacking platform. Files leaked by Russian IT contractor NTC Vulkan show that Russia-linked Sandworm APT requested it to develop offensive tools.

Energy and Utilities 98

Energy and Utilities Media Hacking Technology 98

CyberSecurity Insiders

JUNE 3, 2021

This breach, like every major ransomware attack, was likely because of spear phishing, where someone either received the malware via an emailed attachment or clicked on a link that took them to a website that hosted it. This was how the Sony Pictures ransomware hack also took place in late 2014 and since. Ransomware is at the top.

Cybersecurity 136

Cybersecurity Energy and Utilities Social Engineering Phishing 136

Thales Cloud Protection & Licensing

FEBRUARY 16, 2021

Electric grid utilities are deploying smart meters to better correspond to consumers energy demands while lowering costs. Mirai, Jeep Hack, etc.) Once installed, the malware “phoned home” to a command-and-control network run by the hacking group, which enabled them to enter the network and take further action.

IoT 96

IoT Manufacturing Energy and Utilities Data collection 96

SecureList

NOVEMBER 14, 2023

The malware posed as ransomware, demanding money from the victims for “decrypting” their data. UNC4841 deployed new malware designed to maintain presence on a small subset of high-priority targets compromised either before the patch was released or shortly afterwards. We have not seen anything of the kind in 2023.

Hacking 141

Hacking Energy and Utilities Media Malware 141

Security Affairs

AUGUST 31, 2022

“The joint efforts of Proofpoint and PwC researchers provide a moderate confidence assessment that recent campaigns targeting the federal government, energy, and manufacturing sectors globally may represent recent efforts by TA423 / Red Ladon.” SecurityAffairs – hacking, ScanBox). In June 2021, the U.S. Pierluigi Paganini.

Energy and Utilities 98

Energy and Utilities Manufacturing Government Media 98