Security News

In this interview for Help Net Security, Katie Taitler, Senior Cybersecurity Strategista at Axonius, talks about cyber threats in the energy sector and what should be improved to make sure this sector is properly guarded. What are the reasons the energy sector is so unprepared for these growing cyber threats?

NET-based DNS backdoor to conduct attacks on companies in the energy and telecommunication sectors. A recent analysis by Zscaler presents a new DNS backdoor based on the DIG.net open-source tool to carry out "DNS hijacking" attacks, execute commands, drop more payloads, and exfiltrate data.

A research published by DNV reveals that energy executives anticipate life, property, and environment-compromising cyberattacks on the sector within the next two years. "It is concerning to find that some energy firms may be taking a 'hope for the best' approach to cybersecurity rather than actively addressing emerging cyber threats. This draws distinct parallels to the gradual adoption of physical safety practices in the energy industry over the past 50 years," said Solberg.

Vulnerabilities found in Bluetooth Low Energy gives hackers access to numerous devices. A critical flaw found in Bluetooth Low Energy receivers may grant cyber criminals entry to anything from personal devices, such as phones or laptops, to even cars and houses.

How password fatigue can cost organizations time, money and mental energy. For its study, "Measuring Password Fatigue: Usability and Cybersecurity Impacts," Beyond Identity surveyed 1,047 Americans, including more than 600 full-time employees, to determine how password fatigue is affecting their daily lives.

He asked Yubico for help deploying the security keys to the Ukrainian government. "We needed to have a lot of keys to deploy but we didn't have this amount of keys in our warehouse," he said.

The Russian state-sponsored hacking group known as Sandworm tried on Friday to take down a large Ukrainian energy provider by disconnecting its electrical substations with a new variant of the Industroyer malware for industrial control systems and a new version of the CaddyWiper data destruction malware. The threat actor used a version of the Industroyer ICS malware customized for the target high-voltage electrical substations and then tried to erase the traces of the attack by executing CaddyWiper and other data-wiping malware families tracked as Orcshred, Soloshred, and Awfulshred for Linux and Solaris systems.

The new FBI warning [PDF] came a day after the US Department of Justice unsealed a pair of indictments that detail alleged Russian government efforts to use supply chain attacks and malware in an attempt to compromise and control critical infrastructure. One of the two indictments involves Triton malware and its use in the 2017 attack.

The United States Department of Justice has unsealed a pair of indictments that detail alleged Russian government hackers' efforts to use supply chain attacks and malware in an attempt to compromise and control critical infrastructure around the world - including at least one nuclear power plant. The trio allegedly spent 2012 to 2014 working on a project code-named "Dragonfly" during which a supply chain attack targeted updates of industrial control systems and supervisory control and data acquisition systems.

CyberSaint announced the release of a report which identifies which sectors pay the most in ransom, have the propensity to pay and delves into the future of ransomware. Since these sectors provide vital services, organizations are more likely to pay the ransom to protect the stolen data and restore provided services.