- Iranian Government-Sponsored APT Cyber Actors Exploiting MS Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities
November 17, 2021
This joint cybersecurity advisory is the result of an analytic effort among the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC) to highlight ongoing malicious cyber activity by an advanced persistent threat (APT) group that FBI, ...
- An Investigation Into SS7 Exploitation Services On The Dark Web
November 17, 2021
In this latest investigative article, SOS Intelligence researchers will be taking a look at alleged SS7 exploitation services on the Dark Web and diving into their credibility using the SOS Intelligence analytics toolkit.
SS7 Significance & Background
Signalling System 7 is a telecommunications protocol adopted internationally that defines how the network elements in a public switched telephone network ...
- On the Watch for Incident Response Capabilities in the Health Sector
November 11, 2021
The meetings of the CSIRT Network and the CyCLONe taking place these days in Ljubljana and online have set the stage for the publication of the new report on CSIRT capabilities for increased efficiency of incident response tools and processes of specific sectors.
Health organisations such as hospitals rely today on complex critical infrastructures in order ...
- Philippines gov takes down passport application website amid privacy leak fears
November 11, 2021
The Philippines’ Department of Foreign Affairs (DFA) has disabled its online passport application tracker, citing a “data privacy issue” and hinting that information could have leaked.
“The DFA’s IT Unit is currently investigating the circumstances surrounding this issue and is taking appropriate measures to secure the data that may have been exposed,” states a notice on ...
- A set of vulnerabilities in TCP/IP stacks could leave millions of connected medical devices open to attack
November 9, 2021
Critical vulnerabilities in millions of connected devices used in hospital networks could allow attackers to disrupt medical equipment and patient monitors, as well as Internet of Things devices that control systems and equipment throughout facilities, such as lighting and ventilation systems.
The vulnerable TCP/IP stacks – communications protocols commonly used in connected devices – are also ...
- Ukraine links members of Gamaredon hacker group to Russian FSB
November 4, 2021
SSU and the Ukrainian secret service say they have identified five members of the Gamaredon hacking group, a Russian state-sponsored operation known for targeting Ukraine since 2014.
This Gamaredon hacking group, tracked as Armageddon by the SSU, is allegedly operated under the FSB (Russian Federal Security Service) and is believed to be responsible for over 5,000 ...
- CISA Binding Operational Directive 22-01 – Reducing the Significant Risk of Known Exploited Vulnerabilities
November 3, 2021
A binding operational directive is a compulsory direction to federal, executive branch, departments and agencies for purposes of safeguarding federal information and information systems.
Section 3553(b)(2) of title 44, U.S. Code, authorizes the Secretary of the Department of Homeland Security (DHS) to develop and oversee the implementation of binding operational directives.
Federal agencies are required to comply ...
- Mobile phishing attacks targeting energy sector surge by 161%
November 3, 2021
Mobile phishing attacks targeting employees in the energy industry have risen by 161% compared to last year’s (H2 2020) data, and the trend is showing no signs of slowing down.
Although the perils of outdated and vulnerable devices plague all sectors, a new report by cybersecurity firm Lookout indicates that energy is the most targeted, followed ...
- Cybercriminals sell access to international shipping, logistics giants
November 2, 2021
Cybercriminals are offering initial access for networks belonging to key players in global supply chains, researchers warn.
On Tuesday, Intel 471 published an analysis of current black market trends online, revealing instances of initial access brokers (IABs) offering access to international shipping and logistics companies across the ground, air, and sea.
Global supply chains have faced serious ...
- Canadian province health care system disrupted by cyberattack
November 1, 2021
The Canadian province of Newfoundland and Labrador has suffered a cyberattack that has led to severe disruption to healthcare providers and hospitals.
The attack took place on October 30th, causing regional health systems to shut down their networks and cancel thousands of medical appointments. This outage affected health systems in Central Health, Eastern Health, Western Health, ...
- Europol: 12 Targeted For Involvement In Ransomware Attacks Against Critical Infrastructure
October 29, 2021
A total of 12 individuals wreaking havoc across the world with ransomware attacks against critical infrastructure have been targeted as the result of a law enforcement and judicial operation involving eight countries.
These attacks are believed to have affected over 1 800 victims in 71 countries. These cyber actors are known for specifically targeting large corporations, ...
- EU Green Pass-generation keys stolen – sources
October 27, 2021
Some of the keys used to generate the European Green Pass have been stolen and distributed on programming networks to create false COVID-19 health certificates, qualified Italian sources said on Wednesday.
A series of meetings at the EU level were being held on Wednesday to examine the situation, according to the sources.
Source: ANSA News
- Iran struggles to relaunch petrol stations after cyber attack
October 27, 2021
Iran struggled Wednesday to restart its petrol distribution system after it was hit by an unprecedented cyber-attack which security officials said was launched from abroad.
The unclaimed attack crippled the country’s system of government-issued electronic cards which motorists use to purchase heavily subsidised fuel.
Long queues have formed outside petrol stations, angering motorists in a country already ...
- FBI: Ranzy Locker ransomware hit at least 30 US companies this year
October 26, 2021
The FBI said on Monday that Ranzy Locker ransomware operators had compromised at least 30 US companies this year from various industry sectors.
“Unknown cyber criminals using Ranzy Locker ransomware had compromised more than 30 US businesses as of July 2021,” the FBI said in a TLP: WHITE flash alert.
“The victims include the construction subsector of ...