Security News

Over 130,000 solar energy monitoring systems exposed online
2023-07-06 09:04

Security researchers are warning that tens of thousands of photovoltaic monitoring and diagnostic systems are reachable over the public web, making them potential targets for hackers. These systems are used for remote performance monitoring, troubleshooting, system optimization, and other functions to allow remote management of renewable energy production units.

RedEnergy Stealer-as-a-Ransomware Threat Targeting Energy and Telecom Sectors
2023-07-05 14:10

The malware "Possesses the ability to steal information from various browsers, enabling the exfiltration of sensitive data, while also incorporating different modules for carrying out ransomware activities," Zscaler researchers Shatak Jain and Gurkirat Singh said in a recent analysis. Following a successful breach, the malicious binary is used as a conduit to set up persistence, perform the actual browser update, and also drop a stealer capable of covertly harvesting sensitive information and encrypting the stolen files, leaving the victims at risk of potential data loss, exposure, or even the sale of their valuable data.

Siemens Energy confirms data breach after MOVEit data-theft attack
2023-06-27 18:11

Siemens Energy has confirmed that data was stolen during the recent Clop ransomware data-theft attacks using a zero-day vulnerability in the MOVEit Transfer platform.Today, Clop listed Siemens Energy on their data leak site, indicating that data was stolen during a breach on the company.

Suncor Energy cyberattack impacts Petro-Canada gas stations
2023-06-26 13:27

Petro-Canada gas stations across Canada are impacted by technical problems preventing customers from paying with credit card or rewards points as its parent company, Suncor Energy, discloses they suffered a cyberattack.Suncor Energy is the 48th-largest public company in the world, and one of Canada's largest synthetic crude producers, having an annual revenue of $31 billion.

How cybercriminals target energy companies
2023-06-15 04:30

In this Help Net Security video, Jim Simpson, Director of Threat Intelligence at Searchlight Cyber, discusses how cybercriminals employ specialized strategies when targeting energy companies. This is primarily due to the sensitive and valuable information these organizations hold and their critical role in infrastructure, making them particularly attractive for economic and geopolitical disruption.

Spotted: Suspected Russian malware designed to disrupt Euro, Asia energy grids
2023-05-25 21:07

Malware designed to disrupt electric power grids was likely developed by a Russian contractor, according to Mandiant's threat intel team that discovered the malicious software and dubbed it CosmicEnergy. The team say it's likely a contractor created the malware as a red-teaming tool for simulated power disruption exercises hosted by Rostelecom-Solar, a Russian cybersecurity company.

Iranian Government-Backed Hackers Targeting U.S. Energy and Transit Systems
2023-04-19 06:42

An Iranian government-backed actor known as Mint Sandstorm has been linked to attacks aimed at critical infrastructure in the U.S. between late 2021 to mid-2022. Targeted entities consist of seaports, energy companies, transit systems, and a major U.S. utility and gas company.

'Bitter' espionage hackers target Chinese nuclear energy orgs
2023-03-24 14:47

A cyberespionage hacking group tracked as 'Bitter APT' was recently seen targeting the Chinese nuclear energy industry using phishing emails to infect devices with malware downloaders. Bitter is a suspected South Asian hacking group known to target high-profile organizations in the energy, engineering, and government sectors in the Asian-Pacific region.

Hitachi Energy confirms data breach after Clop GoAnywhere attacks
2023-03-17 16:20

Hitachi Energy confirmed it suffered a data breach after the Clop ransomware gang stole data using a zero-day GoAnyway zero-day vulnerability. Hitachi Energy is a department of Japanese engineering and technology giant Hitachi focused on energy solutions and power systems.

YoroTrooper Stealing Credentials and Information from Government and Energy Organizations
2023-03-15 13:49

A previously undocumented threat actor dubbed YoroTrooper has been targeting government, energy, and international organizations across Europe as part of a cyber espionage campaign that has been active since at least June 2022. Prominent countries targeted include Azerbaijan, Tajikistan, Kyrgyzstan, Turkmenistan, and other Commonwealth of Independent States nations.