Iranian Hackers Use IOCONTROL Malware to Target OT, IoT Devices in US, Israel

December 13, 2024 at 06:03AM A state-sponsored Iranian hacking group, CyberAv3ngers, has employed custom malware, IOCONTROL, to target IoT and operational technology devices in the U.S. and Israel. This malware exploits vulnerabilities in industrial control systems, leading to significant disruptions. The U.S. government offers a $10 million reward for information on the group.

New IOCONTROL malware used in critical infrastructure attacks

December 12, 2024 at 03:48PM Iranian threat actors are deploying a new malware, IOCONTROL, to attack IoT devices and critical infrastructure systems in Israel and the U.S. It targets various devices, including routers and fuel management systems, potentially causing disruptions. Linked to the CyberAv3ngers group, it is difficult to detect with current antivirus tools.

US sanctions Chinese firm for hacking firewalls in ransomware attacks

December 10, 2024 at 11:40AM The U.S. Treasury sanctioned Sichuan Silence, a Chinese cybersecurity firm, and an employee for involvement in 2020 Ragnarok ransomware attacks on U.S. critical infrastructure. Guan Tianfeng exploited a zero-day vulnerability, compromising 81,000 firewalls globally, including over 23,000 in the U.S. A $10 million reward has been offered for information.

Compromised Software Code Poses New Systemic Risk to U.S. Critical Infrastructure

December 9, 2024 at 02:19PM A new report by Fortress Information Security reveals significant vulnerabilities in software powering U.S. utilities, with hundreds highly exploitable. 25% of components used are from Chinese developers, posing security risks. The report emphasizes the need to identify and eliminate compromised code to safeguard critical infrastructure from potential attacks.

Major energy contractor reports ‘limited’ access to IT after ransomware locks files

December 3, 2024 at 03:07PM ENGlobal, an American energy contractor, is facing limited IT system access following a ransomware incident detected on November 25. The company is investigating and mitigating the breach, which involved unauthorized access and encryption of data. ENGlobal serves high-profile clients, including government departments, making it a prime target for cybercriminals.

Volunteer DEF CON hackers dive into America’s leaky water infrastructure

November 24, 2024 at 10:33AM The Franklin project, launched at DEF CON, enlists hackers to enhance cybersecurity for six US water companies, addressing critical vulnerabilities. In partnership with the University of Chicago and the NRWA, volunteers will assess and improve security systems, aiming to bolster resilience against cyber threats targeting America’s critical infrastructure.

Leaky Cybersecurity Holes Put Water Systems at Risk

November 22, 2024 at 11:53AM Nearly 100 large community water systems in the U.S. possess serious cybersecurity vulnerabilities, risking water supply for 27 million Americans. Despite regulations, financial and resource constraints hinder proper security measures. Cyberattacks from various groups have targeted water systems, emphasizing a critical need for improved investment and security practices in this …

China’s Cyber Offensives Built in Lockstep With Private Firms, Academia

November 22, 2024 at 09:51AM Research reveals that numerous private cybersecurity firms and universities are aiding China in developing offensive cyber capabilities to support military and economic ambitions. This collaboration enhances cyberattacks, particularly against U.S. infrastructure, raising concerns about China’s persistent cyber threats and the complex ecosystem involving state and non-state actors.

Over 145,000 Industrial Control Systems Across 175 Countries Found Exposed Online

November 21, 2024 at 06:11AM New research reveals over 145,000 internet-exposed Industrial Control Systems (ICS) in 175 countries, with the U.S. having the highest exposure. Key protocols used are outdated, increasing vulnerability. Cyber attacks targeting ICS are rare but rising, necessitating enhanced security measures. The analysis underscores the importance of monitoring and securing critical infrastructure.

Jen Easterly, CISA Director, to Step Down on Inauguration Day

November 18, 2024 at 03:56PM Jen Easterly, director of CISA, will resign on Inauguration Day as part of a transition to a Trump administration. During her tenure, she addressed significant cybersecurity incidents, including the Colonial Pipeline attack, and implemented new initiatives. Future plans for CISA remain uncertain amid calls from Republicans for mission restrictions.