New data released by IBM X-Force on operational technology (OT) vulnerabilities confirmed the OT cyber threat landscape is expanding dramatically and assigns percentages to the attack sectors (manufacturing was highest at 65%) and vectors. Excerpts: So far 2022 has seen international cyber security agencies issuing multiple alerts about malicious Russian cyber operations and potential attacks on critical infrastructure, the discovery of two new OT-specific pieces of malware, Industroyer2 and InController/PipeDream, and the disclosure of many operational technology (OT) vulnerabilities. Sectors: 65% – Manufacturing – So far in 2022, manufacturing remains in the lead across both metrics at 23% of total…
ISBuzz Team
Signal, often considered one of the most secure messaging app, was recently affected by a phishing attack suffered by Twilio, the company providing Signal with phone number verification services. With this breach, InfoSec expert and Industry leader provided some insights on MFA and SMS: • What is a secure method for 2FA? • Is SMS a secure 2FA method? • What are some advice you have for secure MFA implementation?
As reported by Sky News, Microsoft has confirmed that scammers have began a campaign posting counterfeit packages designed to look like Microsoft Office products to defraud people. The scam, which has seen criminals mail packages to victims containing USB sticks and product keys, sees victims install malicious software and call a fake support line and hand over access to their PC to a remote attacker.
According to TechMonitor, hundreds of thousands of websites, including some with UK government domains, that use the open source development tool Git are at risk of having their entire codebase, history and previous code changes stolen by hackers. Cybersecurity platform Defense.com found that 332,000 websites, including 2,500 on UK government domains, had failed to secure this highly sensitive .git folder created by the tool. Doing so “leaves these businesses vulnerable to exploitation by threat actors and is a serious issue that many affected organisations are unaware of”, the report claims. “Those that are aware are not following cybersecurity best practices…
Cybersecurity researchers at Proofpoint have today published new threat intelligence detailing how cybercriminal group TA558 has been targeting hospitality, hotel, and travel organisations to deploy malware and steal data such as credit card numbers and hotel customer data for financial gain. During a busy summer for international travel in the wake of the pandemic, TA558 has increased its activity and poses a threat to travel organisations and travellers alike. This is the first comprehensive public report on TA558’s activity. Since 2018, campaigns have attempted to install a variety of malware including Loda RAT, Vjw0rm, and Revenge RAT.The group sends malicious…
The news broke that ESET researchers have identified a new cyberespionage campaign by North Korean APT group Lazarus, targeting Apple and Intel chip systems via a fake engineering job post supposedly from Coinbase. Identified in a series of tweets, the job description claims to be seeking an engineering manager for product security, before dropping a signed executable.
Hackers attack UK water supplier but extort wrong victim. The Clop ransomware gang claimed to have breach Thames Water supplier by accessing their SCADA systems, which would give them the ability to cause harm to 15 mill customers. However, as Clop published evidence of stolen files, the spreadsheet presented featured South Staff Water and South Staffordshire email addresses. South Staffordshire Water, a company which supplies 330 million litres of drink water to 1.6 consumers daily, issued a statement confirming an IT disruption from a cyberattack.
As you may have heard, 8,000 internet-accessible VNC instances were exposed due to disabled authentication. Security researchers found that these instances were managed by critical infrastructure organizations such as water treatment plants, manufacturing plants, and research facilities. With authentication disabled, malicious actors could potentially hijack these endpoints and the industrial control systems they’re often connected to. While VNC has been handy during COVID by allowing users to remotely control IT/IOT infrastructure assets, the lack of safety measures and security checks resulting in this vulnerability makes it fairly easy for intruders to penetrate the victim’s network and create havoc.
Irdeto’s Connected Transport business will partner with Clavister to combine Clavister’s Next Generation Firewall (NGFW) solution and AI engine for zero-day vulnerabilities with Irdeto’s Asset Protection capabilities. The collaboration will enable end customers to monitor and manage their connected fleet securely and remotely while delivering world-class digital customer experiences. Why does this matter? Clavister has long been securing transport infrastructure and critical applications as part of its public sector focus and working with long-term partners.Irdeto’s long heritage and global footprint across multiple transport segments, such as automotive, rail and construction, brings a unique combination of skills and knowledge to extend…
Phishing is a huge threat that affects so many industries every year. Some industries were hit particularly hard, with retail workers receiving an average of 49 phishing emails a year and many employees in these industries being completely unaware of how sophisticated and believable these emails can be. 2021 research found a 7.3% increase in email-based attacks between May and August 2021, the majority of which were part of phishing campaigns. The increase in phishing attacks means email communications networks are now riddled with cybercrime and it does beg the question, could these ever-rising statistics be helped if employees were more aware…