Industries critical to COVID-19 response suffer surge in cloud cyberattacks

Industries and organizations critical to the fight against COVID-19 have faced a surge in cyberattacks due to their rapid transition to cloud platforms in light of the pandemic. When the world first began to take notice of the global spread Read More …

U.S. National Cybersecurity Plan Promises to Safeguard Maritime Sector

The U.S. Government released on January 5, 2021, a cybersecurity plan to secure the nation’s maritime sector against cybersecurity threats that could endanger national security. The Maritime Cyber Environment With International Maritime Organization’s (IMO) mandate “to ensure that cyber risks Read More …

Adventures in MQTT Part II: Identifying MQTT Brokers in the Wild

The use of publicly accessible MQTT brokers is prevalent across numerous verticals and technology fields. I was able to identify systems related to energy production, hospitality, finance, healthcare, pharmaceutical manufacturing, building management, surveillance, workplace safety, vehicle fleet management, shipping, construction, Read More …

xHunt Campaign: Newly Discovered Backdoors Using Deleted Email Drafts and DNS Tunnelling for C2

The xHunt campaign has been active since at least July 2018 and we have seen this group target Kuwait government and shipping and transportation organizations. Recently, we observed evidence that the threat actors compromised a Microsoft Exchange Server at an Read More …

Maritime cyber attacks increase by 900% in three years

Cyber attacks on the maritime industry’s operational technology (OT) systems have increased by 900% over the last three years with the number of reported incidents set to reach record volumes by year end. Addressing port and terminal operators during an Read More …

xHunt Campaign: Attacks on Kuwait Shipping and Transportation Organizations

The first known attack in this campaign targeted a Kuwait transportation and shipping company in which the actors installed a backdoor tool named Hisoka. Several custom tools were later downloaded to the system in order to carry out post-exploitation activities. Read More …

Port of San Diego suffers cyber-attack, second port in a week after Barcelona

Two major international ports fell victim to cyber-attacks within the span of a week, putting the shipping industry on alert for a possible threat actor targeting the entire sector. The first to fall was the Port of Barcelona, Spain, on Read More …