- REvil ransomware hits US nuclear weapons contractor
June 14, 2021
US nuclear weapons contractor Sol Oriens has suffered a cyberattack allegedly at the hands of the REvil ransomware gang, which claims to be auctioning data stolen during the attack.
Sol Oriens describes itself as helping the “Department of Defense and Department of Energy Organizations, Aerospace Contractors, and Technology Firms carry out complex programs.”
However, job postings first ...
- Utilities ‘Concerningly’ at Risk from Active Exploits
June 14, 2021
The amount of time that utility networks spend exposed to a known application exploit has spiked over the past two months — something analysts called out as a “concerning datapoint,” and an important reminder that ransomware isn’t the only threat utility networks need to secure against.
A new report from WhiteHat Security measured the amount of ...
- UK tells UN that nation-states should retaliate against cyber badness with no warning
June 11, 2021
Britain has told the UN that international cyber law should allow zero-notice digital punishment directed at countries that attack others’ infrastructure.
A statement made by UK diplomats to the UN’s Group of Governmental Experts on Advancing Responsible State Behaviour in the Context of International Security (UN GGE) called for international law to permit retaliation for cyber ...
- Key Considerations for the Department of Energy on Defending the Bulk Power Grid
June 10, 2021
On January 20, President Joseph Biden issued Executive Order (E.O.) 13990 to help protect U.S. bulk power organizations. This Order enacted a 90-day suspension of E.O. 13920 which was set by the previous administration. The new executive order empowered the Secretary of Energy (“Secretary”) to publish new criteria around pre-qualifying vendors of electric equipment, as ...
- US brokerage firms warned of ongoing phishing with penalty threats
June 8, 2021
FINRA, the U.S. securities industry regulator, has warned brokerage firms of an ongoing phishing campaign threatening recipients with penalties unless they provide the information requested by the attackers.
FINRA (Financial Industry Regulatory Authority) is an independent, non-governmental securities regulator supervised by the U.S. Securities and Exchange Commission (SEC) that regulates all securities firms and exchange markets ...
- FBI Claws Back Millions of DarkSide’s Ransom Profits
June 7, 2021
United States law enforcement has clawed back approximately $2.3 million of the ransom allegedly paid to DarkSide by Colonial Pipeline last month, the Department of Justice (DOJ) and FBI announced in a joint press conference on Monday.
“Today we turned the tables on DarkSide,” FBI Deputy Director Paul Abbate said in live-streamed remarks.
They seized the money ...
- Chinese threat actors hacked NYC MTA using Pulse Secure zero-day
June 3, 2021
Chinese-backed threat actors breached New York City’s Metropolitan Transportation Authority (MTA) network in April using a Pulse Secure zero-day. Still, they failed to cause any data loss or gain access to systems controlling the transportation fleet.
MTA mitigated the vulnerability on April 21, one day after Pulse Secure issued an advisory, and CISA published an alert ...
- UF Health Florida hospitals back to pen and paper after cyberattack
June 3, 2021
UF Health Central Florida has suffered a reported ransomware attack that forced two hospitals to shut down portions of their IT network.
The University of Florida Health, also known as UF Health, is a healthcare network of hospitals and physician practices that provide care to counties throughout Florida.
Source: Bleeping Computer
- Banking Attacks Surge Along with Post-COVID Economy
June 2, 2021
For many, COVID-19 has been a crushing catastrophe. But for bank scammers, it’s shaped up to be a nice little money-making opportunity.
As the post-pandemic economy roars back to life, cybercriminals are using a new whirlwind of transactions as cover to launch an extraordinary number of bank fraud attacks. In just the past quarter, the number ...
- U.S. Critical Infrastructure: Addressing Cyber Threats and the Importance of Prevention
May 31, 2021
The critical infrastructure of the United States includes all those systems and assets that are essential to the proper functioning, economy, health, and safety of American society. The roads and railways that we travel on; the Internet and the mobile networks that connect us; the water that we drink; the healthcare, financial services and security ...
- Swedish Health Agency shuts down SmiNet after hacking attempts
May 31, 2021
The Swedish Public Health Agency (Folkhälsomyndigheten) has shut down SmiNet, the country’s infectious diseases database, on Thursday after it was targeted in several hacking attempts.
SmiNet, which is also used to store electronic reports with statistics on COVID-19 infections, was shut down on Thursday to investigate the attacks and was brought back online on Friday evening.
- Russian gang behind SolarWinds hack returns with phishing attack disguised as mail from US aid agency
May 28, 2021
Nobelium, the Russia-aligned gang identified as the perpetrators of the supply chain attack on SolarWinds’ Orion software, has struck again, Microsoft vice president Tom Burt said in a blogpost Thursday.
Burt’s post says the attacks saw Nobelium gain access to accounts on the email marketing service “Constant Contact” operated by The United States Agency for International Development ...
- US nuclear weapon bunker security secrets spill from online flashcards since 2013
May 28, 2021
Details of some US nuclear missile bunkers in Europe, which contain live warheads, along with secret codewords used by guards to signal that they’re being threatened by enemies, were exposed for nearly a decade through online flashcards used for education, but which were left publicly available.
The astonishing security blunder was revealed by investigative journalism website ...
- Re-Checking Your Pulse: Updates on Chinese APT Actors Compromising Pulse Secure VPN Devices
May 27, 2021
Mandiant published detailed results of our investigations into compromised Pulse Secure devices by suspected Chinese espionage operators. This blog post is intended to provide an update on our findings, give additional recommendations to network defenders, and discuss potential implications for U.S.-China strategic relations.
Mandiant continues to gather evidence and respond to intrusions involving compromises of Pulse ...