Critical Infrastructure Protection

July 29, 2025

Owners of Singapore’s critical information infrastructure (CII) will soon be required to report any incidents suspected to be caused by advanced persistent threats (APTs), a type of prolonged cyberattack typically carried out by well-resourced threat actors. The reports must be made to the Cyber Security Agency of Singapore (CSA), said Minister for Digital Development and Information ...

July 28, 2025

The infamous ScatteredSpider ransomware group is using VMware instances to target critical infrastructure organizations in the US, researchers have warned. In the campaign, the hackers do not exploit any vulnerabilities, but instead go for “aggressive, creative, and particularly skilled” social engineering. They first reach out to their victim’s IT desk, impersonating an employee, and asking for ...

July 26, 2025

This analysis is a follow-up to the investigation titled ‘Intrusion into Middle East Critical National Infrastructure’, conducted by the FortiGuard Incident Response Team (FGIR), which investigated a long-term cyber intrusion targeting critical national infrastructure (CNI) in the Middle East. The report revealed that threat actors had installed numerous web shell servers on the compromised system. In ...

July 23, 2025

Security researchers say hackers have breached at least 400 organizations by exploiting a zero-day vulnerability in Microsoft SharePoint, signaling a sharp rise in the number of detected compromises since the bug was discovered last week. Eye Security, a Dutch cybersecurity firm that first identified the vulnerability in SharePoint, a popular server software that companies use to ...

July 22, 2025

Since September 2024, Interlock ransomware actors have impacted a wide range of businesses and critical infrastructure sectors in North America and Europe. These actors are opportunistic and financially motivated in nature and employ tactics to infiltrate and disrupt the victim’s ability to provide their essential services. Interlock actors leverage a double extortion model, in which they ...

July 3, 2025

When the phone rings at 3am in the world of critical infrastructure cybersecurity, it’s rarely good news. For security professionals protecting water utilities, power grids, and transport networks, these midnight calls often signal that someone, somewhere, is trying to disrupt the services millions depend on. Recent ransomware attacks targeting water treatment facilities remind us that ...

June 30, 2025

The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), the Department of Defense Cyber Crime Center (DC3), and the National Security Agency (NSA) (hereafter referred to as the authoring agencies) strongly urge organizations to remain vigilant for potential targeted cyber activity against U.S. critical infrastructure and other U.S. entities by Iranian-affiliated cyber ...

June 28, 2025

An abrupt and massive rise in Distributed Denial of Service (DDoS) attacks against U.S. businesses has coincided with Washington’s involvement in the Israel-Iran conflict. According to Radware’s Director of Threat Intelligence, Pascal Geenens, between June 21 and 22, 2025, hacktivist-led DDoS claims surged by 800%. This dramatic increase was paralleled by a 900% drop in ...

June 20, 2025

The Canadian Centre for Cyber Security (Cyber Centre) and the United States’ Federal Bureau of Investigation (FBI) are warning Canadians of the threat posed by People’s Republic of China (PRC) state-sponsored cyber threat actor tracked in industry reporting as Salt Typhoon. The Cyber Centre previously joined our partners in warning that PRC cyber actors have compromised ...