Tag: infrastructure
-
U.S. and Allies Warn of Iranian Cyberattacks on Critical Infrastructure in Year-Long Campaign
Tags: access, cyber, cyberattack, cybersecurity, healthcare, infrastructure, intelligence, iran, passwordCybersecurity and intelligence agencies from Australia, Canada, and the U.S. have warned about a year-long campaign undertaken by Iranian cyber actors to infiltrate critical infrastructure organizations via brute-force attacks.”Since October 2023, Iranian actors have used brute force and password spraying to compromise user accounts and obtain access to organizations in the healthcare and First seen…
-
Organizations Faster at Detecting OT Incidents, but Response Still Lacking: Report
SANS has published its 2024 State of ICS/OT Cybersecurity report, based on a survey of over 530 critical infrastructure sector professionals. The post Organizations Faster at Detecting OT Incidents, but Response Still Lacking: Report appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/organizations-faster-at-detecting-ot-incidents-but-response-still-lacking-report/
-
SafeBreach Coverage for US CERT AA24-290A (Iranian Cyber Actors)
Iranian threat actors are using brute force and other techniques to compromise critical infrastructure entities. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/safebreach-coverage-for-us-cert-aa24-290a-iranian-cyber-actors/
-
From Windows to Linux to ESXi: The Cicada3301 Ransomware Hits Them All
A sophisticated ransomware group, Cicada3301, has rapidly risen to prominence in the cybercrime landscape, targeting critical infrastructure sectors across the globe. First identified in June 2024, the Cicada3301 ransomware-as-a-service (RaaS)... First seen on securityonline.info Jump to article: securityonline.info/from-windows-to-linux-to-esxi-the-cicada3301-ransomware-hits-them-all/
-
Two Sudanese nationals indicted for operating the Anonymous Sudan group
The DoJ charged Anonymous Sudan members and disrupted their DDoS infrastructure, halting its cyber operations. The US Justice Department charged two Sudanese brothers (Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27) with operating and controlling the cybercrime collective Anonymous Sudan that launched tens of thousands of Distributed Denial of Service (DDoS) attacks…
-
CISA Unveils ‘Exceptionally Risky’ Software Bad Practices
CISA and FBI Warn Software Providers to Avoid Risky Development Practices. The Cybersecurity and Infrastructure Security Agency and the FBI released a joint advisory urging software providers to avoid risky practices like using memory-unsafe languages and other techniques that could jeopardize critical infrastructure and national security. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cisa-unveils-exceptionally-risky-software-bad-practices-a-26556
-
U.S. Charges Two Sudanese Brothers for Record 35,000 DDoS Attacks
Federal prosecutors in the U.S. have charged two Sudanese brothers with running a distributed denial-of-service (DDoS) botnet for hire that conducted a record 35,000 DDoS attacks in a single year, including those that targeted Microsoft’s services in June 2023.The attacks, which were facilitated by Anonymous Sudan’s “powerful DDoS tool,” singled out critical infrastructure, corporate networks,…
-
Authorities Indicted Two Anonymous Sudan Hackers Over Cyberattacks
Tags: attack, cyber, cyberattack, cybercrime, government, group, hacker, infrastructure, network, serviceA federal grand jury has indicted two Sudanese nationals, Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27. The pair are accused of operating Anonymous Sudan, a notorious cybercriminal group responsible for tens of thousands of Distributed Denial of Service (DDoS) attacks targeting critical infrastructure and government agencies globally. Unveiling the Cybercriminal Network…
-
SolarWinds, Firefox, Windows Face Active Exploitation: CISA Issues Urgent Warning
The Cybersecurity and Infrastructure Security Agency (CISA) has recently added three vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, emphasizing the pressing need for organizations to address these risks promptly. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cisa-adds-3-known-exploited-vulnerabilities/
-
U.S. DOJ Charges Operators of Anonymous Sudan for DDoS Attacks on Critical Infrastructure
The U.S. Department of Justice announced today the indictment of two Sudanese nationals, Ahmed Salah Yousif Omer (22) and Alaa Salah Yusuuf Omer (27), for their alleged roles in operating... First seen on securityonline.info Jump to article: securityonline.info/u-s-doj-charges-operators-of-anonymous-sudan-for-ddos-attacks-on-critical-infrastructure/
-
Iranian Hackers Using Brute Force on Critical Infrastructure
Tags: advisory, authentication, cyber, cybersecurity, hacker, infrastructure, iran, password, threatAdvisory Warns Iranian Threat Actors Use ‘Push Bombing’ to Target Critical Sectors. Iranian cyber actors are increasingly using brute force techniques, such as password spraying and multifactor authentication push bombing, to target critical infrastructure sectors, according to a cybersecurity advisory released Wednesday by the Cybersecurity and Infrastructure Security Agency. First seen on govinfosecurity.com Jump to…
-
Iranian hackers act as brokers selling critical infrastructure access
Tags: access, credentials, cyberattack, cybercrime, data, hacker, infrastructure, iran, network, threatIranian hackers are breaching critical infrastructure organizations to collect credentials and network data that can be sold on cybercriminal forums to enable cyberattacks from other threat actors. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/iranian-hackers-act-as-brokers-selling-critical-infrastructure-access/
-
Sudanese brothers charged for ‘Anonymous Sudan’ attacks targeting critical infrastructure, government agencies and hospitals
First seen on therecord.media Jump to article: therecord.media/anonymous-sudan-brothers-charged-ddos-attacks-hospital-critical-infrastructure
-
CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability
Tags: cisa, credentials, cve, cybersecurity, exploit, flaw, infrastructure, kev, software, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.Tracked as CVE-2024-28987 (CVSS score: 9.1), the vulnerability relates to a case of hard-coded credentials that could be abused to gain First…
-
Volkswagen Says IT Infrastructure Not Affected After Ransomware Gang Claims Data Theft
Volkswagen has issued a statement after the 8Base ransomware group claimed to have stolen valuable data from the company’s systems. The post Volkswagen Says IT Infrastructure Not Affected After Ransomware Gang Claims Data Theft appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/volkswagen-says-it-infrastructure-not-affected-after-ransomware-gang-claims-data-theft/
-
Digitale Infrastruktur im Rahmen der NIS2 stärken – Mehr Security-Verantwortung für die Chefetage
First seen on security-insider.de Jump to article: www.security-insider.de/eu-gesetz-nis2-richtlinie-anforderungen-auswirkungen-unternehmen-a-1114fcacbc41d2d18ed38c29d514fa63/
-
Earth Simnavaz Exploits Windows Kernel Flaw CVE-2024-30088 in Attacks on Critical Infrastructure
Trend Micro researchers have uncovered a series of advanced cyberattacks carried out by the threat group Earth Simnavaz, also known as APT34 or OilRig. This Iranian-linked cyber espionage group has... First seen on securityonline.info Jump to article: securityonline.info/earth-simnavaz-exploits-windows-kernel-flaw-cve-2024-30088-in-attacks-on-critical-infrastructure/
-
U.S. CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog
Tags: cisa, cloud, cve, cybersecurity, exploit, fortinet, infrastructure, ivanti, kev, service, vulnerabilityU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: Last week, Ivanti warned of three new security vulnerabilities (CVE-2024-9379, CVE-2024-9380, and CVE-2024-9381) in its Cloud Service Appliance (CSA)…
-
Congress Seeks Urgent Action After Chinese Telecom Hack
Lawmakers Demand Answers, Security Overhaul After Chinese Hack of Telecom Networks. Congress is demanding answers from AT&T, Verizon, and Lumen after reports revealed that Chinese hackers breached U.S. telecom infrastructure, targeting systems linked to court-authorized wiretaps, as the FBI and the Cybersecurity and Infrastructure Security Agency investigate the Salt Typhoon group. First seen on govinfosecurity.com…
-
TrickMo malware steals Android PINs using fake lock screen
Forty new variants of the TrickMo Android banking trojan have been identified in the wild, linked to 16 droppers and 22 distinct command and control (C2) infrastructures, with new features designed to steal Android PINs. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/trickmo-malware-steals-android-pins-using-fake-lock-screen/
-
Last Chance to Save: Get Your Ticket to the 2024 ICS Cybersecurity Conference
Premier Industrial Cybersecurity Conference offers 75+ sessions and hands-on training to tackle critical infrastructure cyber threats. The post Last Chance to Save: Get Your Ticket to the 2024 ICS Cybersecurity Conference appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/last-chance-to-save-get-your-ticket-to-the-2024-ics-cybersecurity-conference/
-
Iranian hackers now exploit Windows flaw to elevate privileges
The Iranian state-sponsored hacking group APT34, aka OilRig, has recently escalated its activities with new campaigns targeting government and critical infrastructure entities in the United Arab Emirates and the Gulf region. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/oilrig-hackers-now-exploit-windows-flaw-to-elevate-privileges/
-
Meet the Chinese ‘Typhoon’ hackers preparing for war
Of the cybersecurity risks facing the United States today, few loom larger than the potential sabotage capabilities posed by China-backed hackers, which top U.S. officials have described as an “epoch-defining threat.” In recent months, U.S. intelligence officials said Chinese government-backed hackers have been burrowing deep into the networks of U.S. critical infrastructure, including water, energy…
-
CISA advisory committee approves four draft reports on critical infrastructure resilience
Each report includes recommendations for the cyber agency to tackle, with the overarching goal of combating threats from China. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisa-cybersecurity-advisory-committee-october-report/
-
Hackers Prowling For Unencrypted BIG-IP Cookies, Warns CISA
Agency Says Cookies Could Help Attackers Find Network Assets, Vulnerabilities. Unencrypted cookies tied to a suite of secure gateway technology from F5 are gateways for hackers to reach internal devices on corporate networks, warns the Cybersecurity and Infrastructure Security Agency. BIG-IP uses persistent cookies as a traffic load-balancing convenience. First seen on govinfosecurity.com Jump to…
-
Passwordless Authentication without Secrets!
Tags: access, attack, authentication, breach, business, ciso, cloud, compliance, conference, credentials, cybercrime, data, data-breach, encryption, finance, GDPR, healthcare, iam, ibm, identity, infrastructure, mfa, office, passkey, password, privacy, regulation, risk, software, strategy, technology, updatePasswordless Authentication without Secrets! divya Fri, 10/11/2024 – 08:54 As user expectations for secure and seamless access continue to grow, the 2024 Thales Consumer Digital Trust Index (DTI) research revealed that 65% of users feel frustrated with frequent password resets. This highlights an increasing demand for advanced authentication methods like passkeys and multi-factor authentication (MFA),…
-
CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that it has observed threat actors leveraging unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager (LTM) module to conduct reconnaissance of target networks.It said the module is being used to enumerate other non-internet-facing devices on the network. The agency, however, did not…
-
How should CISOs respond to the rise of GenAI?
Apply comprehensive security with access control, secure coding, infrastructure protection and AI governance First seen on theregister.com Jump to article: www.theregister.com/2024/10/10/how_should_cisos_respond_to/
-
U.S. CISA adds Ivanti CSA and Fortinet bugs to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti CSA and Fortinet bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: This week, Fortinet addressed a critical flaw in FortiOS, tracked as CVE-2024-23113 (CVSS score 9.8). The issue if…