Energy

  • Patch Tuesday – February 2026

    February 11, 2026

    Microsoft is publishing 55 vulnerabilities this February 2026 Patch Tuesday. Microsoft is aware of exploitation in the wild for six of today’s vulnerabilities, and notes public disclosure for three of those. Earlier in the month, All three of the publicly disclosed zero-day vulnerabilities published today are security feature bypasses, and Microsoft acknowledges the same cast of ...

  • Dynowiper: Destructive Malware Targeting Poland’s Energy Sector

    February 6, 2026

    The coordinated destructive campaign against critical energy infrastructure occurred on December 29, 2025, during a period of severe winter weather in Poland. According to CERT Polska’s report, the campaign targeted: 30+ wind and solar farms across Poland; A major CHP plant supplying heat to nearly half a million customers; A manufacturing sector company characterized as an ...

  • North Korean Labyrinth Chollima is morphing into three separate entities

    January 30, 2026

    One of the largest and most successful North Korean state-sponsored threat actors has split into three separate entities, each with their own tactics, malware tools, targets, and goals, experts have warned. In a recent in-depth analysis, researchers from CrowdStrike expalined the move is a strategic evolution to make Labyrinth Chollima cyberattacks more efficient, and that the ...

  • Researchers say Russian government hackers were behind attempted Poland power outage

    January 23, 2026

    A failed December effort to bring down parts of Poland’s energy grid was the work of Russian government hackers known for causing past energy disruptions, according to a security research firm that investigated the incident. Last week, Polish Energy Minister Milosz Motyka told reporters that the attempted cyberattack on December 29 and 30 saw hackers targeting ...

  • US cyber attacks plunged Caracas into darkness

    January 4, 2026

    US cyber attacks cut off power to large areas of Caracas to allow planes and helicopters to strike key military sites and capture Nicolás Maduro. Cyber command, space command and other American agencies layered effects to ensure more than 150 of its planes, drones and helicopters could approach the Venezuelan capital undetected. Cyber operators blacked out ...

  • Cybercrook claims to be selling infrastructure info about three major US utilities

    January 2, 2026

    A cybercrook claims to have breached Pickett and Associates, a Florida-based engineering firm whose clients include major US utilities, and is selling what they claim to be about 139 GB of engineering data about Tampa Electric Company, Duke Energy Florida, and American Electric Power. The price is 6.5 bitcoin, which amounts to about $585,000. Based in ...

  • Venezuela’s PDVSA suffers cyberattack

    December 15, 2025

    Venezuela’s state-run oil company PDVSA has been subject to a cyberattack, it said on Monday, adding its operations were unaffected, even though four sources said systems remained down and oil cargo deliveries were suspended. PDVSA and the oil ministry blamed the U.S. for the cyberattack on Monday, saying it was carried out by “foreign interests in ...

  • SHADOW-VOID-042 Targets Multiple Industries with Void Rabisu-like Tactics

    December 11, 2025

    In October and November 2025, campaigns targeting sectors such as energy, defence, pharmaceuticals, and cybersecurity shared characteristics with older campaigns attributed to Void Rabisuopen on a new tab (also known as ROMCOM, Tropical Scorpius, Storm-0978). Void Rabisu is known to be associated with an actor group that has both financial and espionage motivations that are ...

  • ENBANTEC Cyber Security Conference and Exhibition will be held on 12 May 2026 in Istanbul, Turkey

    November 28, 2025

    ENBANTEC is a global conference which is one of the most important and prestigious conferences in EMEA region with its focus on Cyber Security, IT Security, Network Security, Data Security, Cloud Security, Mobile Security, Endpoint Security and Identity and Access Management. With 185+ attendees, 40+ speakers, ENBANTEC 2025 Conference was organized very successfully. An intensive ...

  • Canadian government claims hacktivists are attacking water and energy facilities

    October 31, 2025

    The Canadian government has issued a new security alert warning of so-called hacktivists targeting Industrial Control Systems (ICS). The report says the Cyber Centre and the Royal Canadian Mounted Police has received “multiple reports” of incidents involving internet-accessible ICS. Among the reports were an attack on a water facility, in which the miscreants tampered with water ...

  • Satellites found exposing unencrypted data, including phone calls and some military comms

    October 14, 2025

    Security researchers have discovered that as many as half of all geostationary satellites in Earth’s orbit are carrying unencrypted sensitive consumer, corporate, and military information, making this data wide open to eavesdropping. The researchers at UC San Diego and the University of Maryland spent $800 on an off-the-shelf satellite receiver and pointed it at the sky ...

  • Cavalry Werewolf raids Russia’s public sector with trusted relationship attacks

    October 2, 2025

    BI.ZONE Threat Intelligence recorded Cavalry Werewolf activity from May to August 2025. In order to gain initial access, the attackers sent out targeted phishing emails disguising them as official correspondence from Kyrgyz government officials. The main targets of the attacks were Russian state agencies, as well as energy, mining, and manufacturing enterprises. Cavalry Werewolf relied ...

  • Denmark energy cyber attack highlights infrastructure security gaps

    August 4, 2025

    November 2023 saw an unprecedented cyber attack on Denmark’s energy infrastructure. In a co-ordinated breach of 22 companies, criminal gangs gained access to industrial control systems. Investigators believe at least one of the attackers was acting on behalf of a state. Michael Murphy, who heads Fortinet’s APAC Operational Technology group from the company’s Sydney office, says ...

  • The Looming Cybersecurity Threat at the Industrial IoT Edge

    June 5, 2025

    The Industrial Internet of Things (IIoT) has transformed how industries operate, delivering efficiencies and insights previously unimaginable. Businesses across manufacturing, logistics, energy, and supply-chain sectors are now rapidly connecting legacy factory equipment, RFID-enabled assets, and operational technologies to cloud-based analytics platforms. But as companies accelerate their adoption of these powerful technologies, they’re opening the door to ...

  • Cyber crime a big threat to Nigeria’s oil, gas sector

    May 14, 2025

    Nigeria’s strategic oil and gas industry has been urged to beef up its cyber security and avoid massive potential cost to the economy if current measures fail. According to Check Point’s African Perspectives on Cyber Security Report 2024, Nigeria continues to face one of the highest frequencies of cyber attacks in Africa, with organisations being attacked ...

  • A major power outage is reported in Spain and Portugal, including their capitals

    April 28, 2025

    A major power outage hit Spain and Portugal on Monday, including their capitals, knocking out subway networks, phone lines, traffic lights and ATM machines. It is rare to have such a widespread outage there. Spanish generator Red Eléctrica said it affected the Iberian peninsula and the incident is being assessed. The countries have a combined population ...

  • CISA, DHS S&T, INL, LSU Help Energy Industry Partners Strengthen Incident Response and OT Cybersecurity

    April 23, 2025

    The Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security (DHS) Science and Technology Directorate (S&T) and the Idaho National Laboratory (INL) hosted Louisiana State University (LSU) and several energy industry and critical infrastructure partners to train against simulated, high-impact cyberattacks on operational technology (OT) and traditional information technology (IT) at CISA’s Control Environment ...

  • Suspected Kimsuky (APT-Q-2) attacks South Korean companies

    April 11, 2025

    Kimsuky, alias Mystery Baby, Baby Coin, Smoke Screen, Black Banshe, etc., is tracked internally by Qi’anxin as APT-Q-2. The APT group was publicly disclosed in 2013, with attack activity dating as far back as 2012. Kimsuky’s main target for attacks has been South Korea, involving defense, education, energy, government, healthcare, and think tanks, with a focus ...

  • GOFFEE continues to attack organizations in Russia

    April 10, 2025

    GOFFEE is a threat actor that first came to our attention in early 2022. Since then, Kaspersky researchers have observed malicious activities targeting exclusively entities located in the Russian Federation, leveraging spear phishing emails with a malicious attachment. Starting in May 2022 and up until summer of 2023, GOFFEE deployed modified Owowa (malicious IIS module) in ...

  • Millions of solar power systems could be at risk of cyber attacks after researchers find flurry of vulnerabilities

    March 30, 2025

    The increasing use of solar power has exposed critical cybersecurity vulnerabilities in inverters, cloud computing services, and monitoring platforms, creating an insecure ecosystem where hackers can manipulate energy production, disrupt power grids, and steal sensitive data, posing serious risks to global energy infrastructure, experts have warned. A study by Forescout – Vedere Labs identified 46 new ...