Security News
A previously undocumented threat actor has been identified as behind a string of attacks targeting fuel, energy, and aviation production industries in Russia, the U.S., India, Nepal, Taiwan, and Japan with the goal of stealing data from compromised networks. "The group compromised a subsidiary and penetrated the target company's network through it. Trusted relationship attacks are rare today due to the complexity of their execution. Using this method [], the ChamelGang group was able to achieve its goal and steal data from the compromised network."
Though the attackers have mainly been seen targeting Russian organizations, they have attacked targets in 10 countries so far, according to a report by company researchers Aleksandr Grigorian, Daniil Koloskov, Denis Kuvshinov and Stanislav Rakovsky published online Thursday. ChamelGang - like Nobelium and REvil before it - has hopped on the bandwagon of attacking the supply chain first to gain access to its ultimate target, they said.
Zero-trust is a good way to prevent hackers from gaining control of our infrastructure and energy industries, expert says. TechRepublic's Karen Roby spoke with Greg Valentine, solution director for Capgemini, about cybersecurity in the energy sector.
Italian energy company ERG reports "only a few minor disruptions" affecting its information and communications technology infrastructure following a ransomware attack on its systems. While the Italian renewable energy group only referred to the incident as a hacker attack, La Repubblica reported that the attack was coordinated by the LockBit 2.0 ransomware group.
The U.S. Department of Energy CyberForce program is expanding this year to include more cyber competitions, webinars and career resources. In 2021, students have many more opportunities to learn about cybersecurity topics and compete within the CyberForce program.
Researchers at cybersecurity firm Intezer have been monitoring a campaign that appears to be mainly aimed at the energy sector, but attribution to a known threat group is made difficult by the fact that the operation involves several common malware families. The threat actor is attempting to deliver its malware using spear-phishing emails that are customized for the employees of each targeted organization.
The South Korean Atomic Energy Research Institute has confirmed that an unknown third party gained unauthorized access to its systems. "Currently, the Atomic Energy Research Institute is investigating the subject of the hacking and the amount of damage," the institute also said.
Threat actors impersonate the now-defunct DarkSide Ransomware operation in fake extortion emails sent to companies in the energy and food sectors. In a new report, Trend Micro researchers reveal that a new extortion campaign started in June where threat actors are impersonating the DarkSide ransomware gang.
Several organizations in the oil, gas and food sectors have received threatening emails from cybercriminals posing as DarkSide - the ransomware gang behind the Colonial Pipeline hack. "The content used on the emails has led us to believe that they did not come from the said threat group, but from an opportunistic low-level attacker trying to profit off the current situation around DarkSide ransomware activities," researchers said, in a Thursday blog post.
Everbridge and WizNucleus announced a partnership to increase digital and physical security for some of the world's largest nuclear, electric, and other utility companies. Through the partnership, WizNucleus customers gain seamless access to Everbridge's CEM solutions, including Control Center, helping increase preparedness for a wide range of digital and physical threats.