All posts in Critical Infrastructure

The FBI has warned that telephony denial-of-service attacks are taking aim at emergency dispatch centers, which could make it impossible to call for police, fire or ambulance services. Telephony denial-of-service (TDoS) attacks, which affect the availability and readiness of call centers, are hitting critical first-responder facilities, according to the Federal . . . Read more

Researchers discovered credentials for the Oldsmar water treatment facility in the massive compilation of data from breaches posted just days before the attack. Researchers say they found several stolen and leaked credentials for a Florida water-treatment plant, which was hacked last week. Researchers at CyberNews said they found 11 credential pairs linked . . . Read more
A threat actor remotely accessed the IT system of the water treatment facility of Oldsmar and raised the levels of sodium hydroxide in the water, an action that was quickly noticed and remediated. A threat actor hacked into the computer system of the water treatment facility in Oldsmar, Fla., and . . . Read more
The ransomware attack, affecting OT systems, resulted in some of WestRock’s facilities lagging in production levels. WestRock – the second-largest packaging company in the U.S. – continues to restore its systems, two weeks after it discovered it was the victim of a ransomware attack. WestRock, which has more than 320 . . . Read more
Eletrobras, the largest power company in Latin America, faces a temporary suspension of some operations. Two state-owned utility companies in Brazil suffered separate ransomware attacks in the past week, forcing them to shut down some operations and services temporarily, In one case, sensitive data was stolen and dumped online, including . . . Read more

Fuji Electric’s Tellus Lite V-Simulator and V-Server Lite can allow attackers to take advantage of operational technology (OT)-IT convergence on factory floors, at utility plants and more. Industrial control software (ICS) from Fuji Electric is vulnerable to several high-severity arbitrary code-execution security bugs, according to a federal warning. Authorities are . . . Read more
A new version of NAT slipstreaming allows cybercriminals an easy path to devices that aren’t connected to the internet. Disconnecting devices from the internet is no longer a solid plan for protecting them from remote attackers. A new version of a known network-address translation (NAT) slipstreaming attack has been uncovered, . . . Read more

Report outlines deep cybersecurity challenges for the public/private seagoing sector. The White House has released cybersecurity guidance for securing the Maritime Transportation System (MTS), which operates along 25,000 miles of coastal and inland waterways in the United States. The document points out that the MTS encompasses “361 ports, 124 shipyards, . . . Read more
05 Jan, 2021
BazarLoader, Botnets, CISA advisory, Cloud Security, Cobalt Strike. DDoS, conti, COVID-19, Critical Infrastructure, health care, healthcare cybersecurity, Hospitals, Malware, Ransomware, ransomware as a service, ryuk, Security News, Sodinokibi, Software as a Service, TrickBot, Vulnerabilities, Web Security
0
The relentless rise in COVID-19 cases is battering already frayed healthcare systems — and ransomware criminals are using the opportunity to strike.
30 Dec, 2020
amongus, Android, Breach, chrome, Cloud Security, cobalt strike, Critical Infrastructure, Cryptography, cyberpunk 2077, Cybersecurity, Editor's Picks, emotet, Gaming, Hacks, IoT, joker malware, Lucifer malware, malicious extension, Malware, Microsoft, Microsoft 365, microsoft credentials, microsoft teams, mobile malware, Mobile Security, most read, Most Recent ThreatLists, nvidia security bugs, Office 365, Phishing, Privacy, ps5, Ransomware, retrospective, scalperbots, Security News, Spear Phishing, top headlines, top stories 2020, Vulnerabilities, Web Security, Xbox Series X
0

A look back at what was hot with readers — offering a snapshot of the security stories that were most top-of-mind for security professionals and consumers throughout the year. As 2020 draws to a close, it’s clear that work-from-home security, ransomware, COVID-19-themed social engineering and attacks by nation-states will go . . . Read more