- North Korean Kimsuky hacking group allegedly behind breach of South Korean nuclear institute
June 21, 2021
A North Korean hacking group with a history of high-profile attacks against South Korea allegedly breached the network of South Korea’s state-run nuclear research institute last month.
Representative Ha Tae-keung of the People Power Party, South Korea’s main opposition party, claimed 13 unauthorised IP addresses accessed the internal network of Korea Atomic Energy Research Institute (KAERI) ...
- Biden gave Putin list of 16 critical infrastructure entities ‘off limits’ to cyberattacks
June 17, 2021
President Biden told reporters Wednesday he gave President Vladimir Putin a list of 16 critical infrastructure entities that are “off limits” to a Russian cyberattack.
Those entities include energy, water, health care, emergency, chemical, nuclear, communications, government, defense, food, commercial facilities, IT, transportation, dams, manufacturing and financial services.
“We’ll find out whether we have a cybersecurity arrangement ...
- NATO summit communiqué compares repeat cyberattacks to armed attacks
June 15, 2021
A communiqué issued at the conclusion of the NATO summit has called for China to observe the laws of cyberspace, and set out new standards by which members of the alliance will consider cyberattacks.
The new standard refers to Article 5 of the 1949 North Atlantic Treaty, as it declares that an attack on a single ...
- REvil ransomware hits US nuclear weapons contractor
June 14, 2021
US nuclear weapons contractor Sol Oriens has suffered a cyberattack allegedly at the hands of the REvil ransomware gang, which claims to be auctioning data stolen during the attack.
Sol Oriens describes itself as helping the “Department of Defense and Department of Energy Organizations, Aerospace Contractors, and Technology Firms carry out complex programs.”
However, job postings first ...
- Utilities ‘Concerningly’ at Risk from Active Exploits
June 14, 2021
The amount of time that utility networks spend exposed to a known application exploit has spiked over the past two months — something analysts called out as a “concerning datapoint,” and an important reminder that ransomware isn’t the only threat utility networks need to secure against.
A new report from WhiteHat Security measured the amount of ...
- UK tells UN that nation-states should retaliate against cyber badness with no warning
June 11, 2021
Britain has told the UN that international cyber law should allow zero-notice digital punishment directed at countries that attack others’ infrastructure.
A statement made by UK diplomats to the UN’s Group of Governmentcrital Experts on Advancing Responsible State Behaviour in the Context of International Security (UN GGE) called for international law to permit retaliation for cyber ...
- Key Considerations for the Department of Energy on Defending the Bulk Power Grid
June 10, 2021
On January 20, President Joseph Biden issued Executive Order (E.O.) 13990 to help protect U.S. bulk power organizations. This Order enacted a 90-day suspension of E.O. 13920 which was set by the previous administration. The new executive order empowered the Secretary of Energy (“Secretary”) to publish new criteria around pre-qualifying vendors of electric equipment, as ...
- US brokerage firms warned of ongoing phishing with penalty threats
June 8, 2021
FINRA, the U.S. securities industry regulator, has warned brokerage firms of an ongoing phishing campaign threatening recipients with penalties unless they provide the information requested by the attackers.
FINRA (Financial Industry Regulatory Authority) is an independent, non-governmental securities regulator supervised by the U.S. Securities and Exchange Commission (SEC) that regulates all securities firms and exchange markets ...
- FBI Claws Back Millions of DarkSide’s Ransom Profits
June 7, 2021
United States law enforcement has clawed back approximately $2.3 million of the ransom allegedly paid to DarkSide by Colonial Pipeline last month, the Department of Justice (DOJ) and FBI announced in a joint press conference on Monday.
“Today we turned the tables on DarkSide,” FBI Deputy Director Paul Abbate said in live-streamed remarks.
They seized the money ...
- Chinese threat actors hacked NYC MTA using Pulse Secure zero-day
June 3, 2021
Chinese-backed threat actors breached New York City’s Metropolitan Transportation Authority (MTA) network in April using a Pulse Secure zero-day. Still, they failed to cause any data loss or gain access to systems controlling the transportation fleet.
MTA mitigated the vulnerability on April 21, one day after Pulse Secure issued an advisory, and CISA published an alert ...
- UF Health Florida hospitals back to pen and paper after cyberattack
June 3, 2021
UF Health Central Florida has suffered a reported ransomware attack that forced two hospitals to shut down portions of their IT network.
The University of Florida Health, also known as UF Health, is a healthcare network of hospitals and physician practices that provide care to countries throughout Florida.
Source: Bleeping Computer
- Banking Attacks Surge Along with Post-COVID Economy
June 2, 2021
For many, COVID-19 has been a crushing catastrophe. But for bank scammers, it’s shaped up to be a nice little money-making opportunity.
As the post-pandemic economy roars back to life, cybercriminals are using a new whirlwind of transactions as cover to launch an extraordinary number of bank fraud attacks. In just the past quarter, the number ...
- U.S. Critical Infrastructure: Addressing Cyber Threats and the Importance of Prevention
May 31, 2021
The critical infrastructure of the United States includes all those systems and assets that are essential to the proper functioning, economy, health, and safety of American society. The roads and railways that we travel on; the Internet and the mobile networks that connect us; the water that we drink; the healthcare, financial services and security ...
- Swedish Health Agency shuts down SmiNet after hacking attempts
May 31, 2021
The Swedish Public Health Agency (Folkhälsomyndigheten) has shut down SmiNet, the country’s infectious diseases database, on Thursday after it was targeted in several hacking attempts.
SmiNet, which is also used to store electronic reports with statistics on COVID-19 infections, was shut down on Thursday to investigate the attacks and was brought back online on Friday evening.