Tag Archive for: energy

In Other News: LastPass Vault Hacking, Russia Targets Ukraine Energy Facility, NXP Breach 

/in


SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar.

We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.

Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.

Here are this week’s stories:  

SentinelOne ends Wiz collaboration following acquisition rumors

SentinelOne has ended its collaboration with cloud security firm Wiz following reports of a potential merger valued at $5-6 billion. SentinelOne shut down the rumors that it’s being acquired by Wiz a few days later, when it announced its decision to unilaterally terminate its six-month-old partnership with Wiz “as a result of their continued lack of execution against their commitments”.

Hackers may be breaking into LastPass vaults compromised in data breach 

Advertisement. Scroll to continue reading.

Some experts believe that threat actors may be breaking into the LastPass vaults compromised in a data breach last year, security blogger Brian Krebs reported. An investigation showed that many security-conscious individuals who had a total of $35 million worth of cryptocurrency stolen from them had used LastPass to store their private key.

Semiconductor company NXP discloses data breach

Dutch semiconductor designer and manufacturer NPX has disclosed a data breach affecting the email addresses of users who had registered an account on npx.com, but had not used it for at least 18 months. No other information was exposed, NPX said. 

Data breach at golf equipment maker Callaway impacts one million people

Callaway, a company that makes clubs, balls and other golf equipment, has disclosed a data breach affecting more than one million people. The firm said it discovered unauthorized access to information such as name, email address, phone number, order history, password, and security question answer. 

New report details how China is weaponizing…

Source…

Security News This Week: US Energy Firm Targeted With Malicious QR Codes in Mass Phishing Attack

/in


At the Defcon security conference in Las Vegas last weekend, thousands of hackers competed in a red-team challenge to find flaws in generative AI chat platforms and help better secure these emerging systems. Meanwhile, researchers presented findings across the conference, including new discoveries about strategies to bypass a recent addition to Apple’s macOS that is supposed to flag potentially malicious software on your computer. 

Kids are facing a massive online scam campaign that targets them with fake offers and promotions related to the popular video games Fortnite and Roblox. And the racket all traces back to one rogue digital marketing company. The social media platform X, formerly Twitter, has been filing lawsuits and pursuing a strategic legal offensive to oppose researchers who study hate speech and online harassment using data from the social network.

On Thursday, an innovation agency within the US Department of Health and Human Services announced plans to fund research into digital defenses for health care infrastructure. The goal is to rapidly develop new tools that can protect US medical systems against ransomware attacks and other threats.

But wait, there’s more! Each week, we round up the stories we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

A large phishing campaign that’s been active since May has been targeting an array of companies with malicious QR codes in attempts to steal Microsoft account credentials. Notably, researchers from the security firm Cofense observed the attacks against “a major Energy company based in the US.” The campaign also targeted organizations in other industries, including finance, insurance, manufacturing, and tech. Malicious QR codes were used in nearly a third of the emails reviewed by researchers. QR codes have disadvantages in phishing, since victims need to be compelled to scan them for the attack to progress. But they make it more difficult for victims to evaluate the trustworthiness of the URL they’re clicking on, and it’s more likely that emails containing a QR code will reach their target, because it’s more difficult for spam filters to assess QR…

Source…

Cyber resilience in the renewable energy sector

/in


In April 2022, a few months after the start of the Russia-Ukraine war, three wind-energy companies in Germany were hit with cyber-attacks that disabled thousands of digitally managed wind turbines. In one case, the company wasn’t even the target but “collateral damage” after attackers took down the Ukrainian satellite system ViaSat. This is just one example of the cyber-risks now facing digital renewable energy systems.

It is estimated that by 2050, global power systems will be 70% reliant on renewable energy – derived mainly from solar, wind, tidal, rain, and geothermal sources. These energy sources are generally distributed, geographically remote, and relatively small scale. They are often managed and operated using under-secured digital technologies that plug directly into the legacy infrastructure of national power grids. This creates a broad cyber-attack surface for threat actors to target.

From risk to resilience

To build robust cyber-resilience into digital renewable energy systems we first need to understand the areas of risk. These include, but are not limited to:

  1. Code vulnerabilities and misconfigurations in embedded software. The demand for renewable energy means that supporting technologies and applications are often developed and implemented at speed, with little time to include or test security controls. The vendors and their developers will be experts in electrical engineering and may not have the relevant security skills to do this anyway. The risk is compounded if software isn’t regularly patched and updated as bugs are reported. 
  2. Unsecured APIs. Another software-related risk, application programme interface (API) based applications can communicate and share data and functionality with other applications, including third party apps. They are a common feature of connected or public-facing systems. Web application security and firewalls are essential to prevent attackers from leveraging APIs to steal data, infect devices and build botnets.
  3. Management, control, reporting and analysis systems. Software-related risk No 3 – Management and control software, such as supervisory control and data acquisition (SCADA) systems, and other systems that import, analyse and…

Source…

A Russian ransomware gang breaches the Energy Department and other federal agencies

/in


The Department of Energy and several other federal agencies were compromised in a Russian cyber-extortion gang’s global hack of a file-transfer program popular with corporations and governments, but the impact was not expected to be great, Homeland Security officials said Thursday.

But for others among what could be hundreds of victims from industry to higher education — including patrons of at least two state motor vehicle agencies — the hack was beginning to show some serious impacts.

Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, told reporters that unlike the meticulous, stealthy SolarWinds hacking campaign attributed to state-backed Russian intelligence agents that was months in the making, this campaign was short, relatively superficial and caught quickly.

“Based on discussions we have had with industry partners … these intrusions are not being leveraged to gain broader access, to gain persistence into targeted systems, or to steal specific high value information— in sum, as we understand it, this attack is largely an opportunistic one,” Easterly said.

“Although we are very concerned about this campaign and working on it with urgency, this is not a campaign like SolarWinds that presents a systemic risk to our national security or our nation’s networks,” she added.

A senior CISA official said neither the U.S. military nor intelligence community was affected. Energy Department spokesperson Chad Smith said two agency entities were compromised but did not provide more detail.

Known victims to date include Louisiana’s Office of Motor Vehicles, Oregon’s Department of Transportation, the Nova Scotia provincial government, British Airways, the British Broadcasting Company and the U.K. drugstore chain Boots. The exploited program, MOVEit, is widely used by businesses to securely share files. Security experts say that can include sensitive financial and insurance data.

Louisiana officials said Thursday that people with a driver’s license or vehicle registration in the state likely had their personal information exposed. That included their name, address, Social Security number and birthdate. They encouraged Louisiana residents to…

Source…