US officials suspect Iranian hackers are behind a series of breaches of systems that monitor the amount of fuel in storage tanks serving gas stations in multiple states, according to multiple sources briefed on the activity.
The hackers responsible have exploited automatic tank gauge (ATG) systems that were sitting online and unprotected by passwords, allowing them in some cases to tinker with display readings on the tanks but not the actual levels of fuel in them, the sources said.
Read more…
Source: CNN News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- CISA says 62,000 QNAP NAS devices have been infected with the QSnatch malware
July 27, 2020
Cyber-security agencies from the UK and the US have published today a joint security alert about QSnatch, a strain of malware that has been infecting network-attached storage (NAS) devices from Taiwanese device maker QNAP. In alerts by the United States Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC), ...
- European court strikes down EU-US Privacy Shield user data exchange agreement as invalid
July 16, 2020
A crucial mechanism for transferring EU citizen data between the United States and Europe has been ruled as invalid in what could be a major blow to thousands of companies. Known as the EU-US Data Privacy Shield, the pact was designed for the exchange of data across country borders with high and legally-enforced data protection standards, ...
- More pre-installed malware has been found in budget US smartphones
July 9, 2020
Pre-installed malware has been discovered on another budget handset connected to Assurance Wireless by Virgin Mobile. Back in January, cybersecurity researchers from Malwarebytes discovered unremovable malware bundled with the Android operating systems on the Unimax (UMX) U686CL, a low-end handset sold by Assurance Wireless as part of the Lifeline Assistance program, a 1985 US initiative which subsidizes telephone services for ...
- German authorities seize ‘BlueLeaks’ server that hosted data on US cops
July 7, 2020
German authorities have seized today a web server that hosted BlueLeaks, a website that provided access to internal documents stolen from US police departments. The server belonged to DDoSecrets (Distributed Denial of Secrets), an activist group that published the files last month, in mid-June. The server seizure was announced today by investigative journalist Emma Best, one of ...
- IcedID Banker is Back, Adding Steganography, COVID-19 Theme
June 18, 2020
A new version of the IcedID banking trojan has debuted that notably embraces steganography – the practice of hiding code within images – in order to stealthily infect victims. It has also changed up its process for eavesdropping on victims’ web activity. Researchers at Juniper Threat Labs have uncovered an email spam campaign circulating in the ...
- US bank customers targeted in ongoing Qbot campaign
June 15, 2020
Security researchers at F5 Labs have spotted ongoing attacks using Qbot malware payloads to steal credentials from customers of dozens of US financial institutions. Qbot (also known as Qakbot, Pinkslipbot, and Quakbot) is a banking trojan with worm features used to steal banking credentials and financial data, as well as to log user keystrokes, deploy backdoors, and drop additional ...