Critical Infrastructure Protection

February 23, 2021

Canadian airplane manufacturer Bombardier has disclosed today a security breach after some of its data was published on a dark web portal operated by the Clop ransomware gang. “An initial investigation revealed that an unauthorized party accessed and extracted data by exploiting a vulnerability affecting a third-party file-transfer application, which was running on purpose-built servers isolated ...

February 23, 2021

Norwegian business journal E24 reported the attack on Espoo, Finland-based TietoEVRY on Tuesday, claiming to have spoken with Geir Remman, a communications director at the company. Remman acknowledged technical problems with several services that TietoEVRY provides to 25 customers, which are “due to a ransom attack,” according to the report. Remman told E24 that the company ...

February 22, 2021

Telephony denial-of-service (TDoS) attacks, which affect the availability and readiness of call centers, are hitting critical first-responder facilities, according to the Federal Bureau of Investigation (FBI). A TDoS attack is designed to prevent incoming and outgoing calls, by flooding a target with junk calls. “The objective is to keep the distraction calls active for as long as ...

February 22, 2021

Chinese threat actors “cloned” and used a Windows zero-day exploit stolen from the NSA’s Equation Group for years before the privilege escalation flaw was patched, researchers say. On Monday, Check Point Research (CPR) said the tool was a “clone” of software developed by the US National Security Agency (NSA)’s Equation Group, identified by FireEye in 2015 ...

February 21, 2021

Canadian undergraduate research university Lakehead has been dealing with a cyberattack that forced the institution earlier this week to cut off access to its servers. The school’s services, including its website, have been down since Tuesday, with personnel shutting down computers on the Thunder Bay and Orillia campuses to stop the attack from spreading. In a communication ...

February 20, 2021

After receiving feedback from Experian over a massive data leak in Brazil, São Paulo state consumer rights foundation Procon described the company’s explanations as “insufficient” and said it is likely that the incident was initiated in a corporate environment. Procon notified the credit information multinational following the emergence of a leak that exposed the personal data ...

February 19, 2021

Malaysian officials announced on Thursday the arrest of 11 suspects believed to be part of a hacktivist group that defaced government websites during late January. The group, calling itself Anonymous Malaysia, defaced 17 websites for local governments and universities, according to posts they made on a Facebook page earlier this month. The defacements were part of a ...

February 19, 2021

LoRaWAN technology allows organizations to deploy the internet of things solutions at a much lower cost than existing cellular infrastructure solutions. Because of this, enterprises and smart cities around the world have started using LoRaWAN in their operations. As mentioned in the first article of this series, LoRaWAN technology has been used in infrastructure management, ...

February 18, 2021

Increased uptime? Check. Better access to outside expertise? Check. Improved first-time-fix rate? Check. These are just some of the benefits of industrial remote access. Yet many customers are reluctant to embrace remote access. Not only that, but incidents such as the breach at the Oldsmar water utility might increase organizations’ reluctance to use remote access. Using Oldsmar ...