17 US utility firms targeted by mysterious state-sponsored group

A mysterious state-sponsored hacking group has targeted at least 17 US utility firms with phishing emails for a five-month period between April 5 and August 29, Proofpoint reported today. The purpose of these attacks was to infect employees at US Read More …

Modern cyber security bears great resemblance to the Titanic disaster, says Stena CISO

Magnus Carling, CISO of worldwide conglomerate Stena AB, likened modern cyber security practices to the oversights which led to the Titanic disaster in 1912. Speaking at Cloudsec 2019, Carling told attendees “the iceberg was innocent. It wasn’t the iceberg that Read More …

‘USBAnywhere’ Bugs Open Supermicro Servers to Remote Attackers

Trivial-to-exploit authentication flaws can give an unsophisticated remote attacker ‘omnipotent’ control over a server and its contents. Authentication vulnerabilities in the baseboard management controllers (BMCs) of Supermicro X9-X11 servers have been discovered that allow a remote attacker to easily connect Read More …

WannaCry-style cyber attack could trigger full NATO response, says Secretary General

NATO Secretary General Jens Stoltenberg has said a cyber attack on a single member state could constitute an attack on all 29 members. The announcement effectively incorporates cyber security into Article 5 of the NATO founding treaty, a “collective defence Read More …

Hackers mount attacks on Webmin servers, Pulse Secure, and Fortinet VPNs

To nobody’s surprise, hacker groups have started exploiting vulnerabilities that have been made public earlier this month, taking advantage of public technical details and demo exploit code to launch attacks against real-world targets. Attacks have started this week, and they’ve Read More …

European Central Bank Shuts Down ‘BIRD Portal’ After Getting Hacked

The European Central Bank (ECB) confirmed Thursday that it had been hit by a cyberattack that involved attackers injecting malware into one of its websites and potentially stealing contact information of its newsletter subscribers. Headquartered in Germany, the European Central Read More …

How Threat Intelligence Helps the Energy Sector Fight Cyberespionage

When it comes to cyber threats, some industries have it harder than others. Few are as heavily targeted by sophisticated cyberattacks as the energy sector. Over the last decade, state-sponsored hacking groups have routinely targeted utility networks and other energy providers for Read More …

Man jailed for cyber attacks against police websites in revenge for bomb hoax conviction

A 20-year-old man has been jailed for 16 months after launching cyber attacks against police websites. Liam Reece Watts used specialist software to overload the Greater Manchester Police and Cheshire Police websites in separate attacks which temporarily brought down the Read More …

Nation-State APTs Target U.S. Utilities With Dangerous Malware

Researchers believe that nation-state actors are behind several spearphishing campaigns targeting U.S. utility companies with a newly-identified malware, which has the capabilities to view system data and reboot machines. Lure emails were sent to three U.S. utilities companies between July Read More …