The US Treasury Department has sanctioned the Chinese company Sichuan Silence and its employee Guan Tianfeng for participating in the Ragnarok ransomware attacks in April 2020, which targeted US critical infrastructure companies and other global organizations. Sichuan Silence, based in Chengdu, is a government contractor that offers network exploitation, password cracking, email monitoring and public demonstration suppression services, often collaborating with Chinese intelligence services.

The attacks exploited a zero-day vulnerability discovered by Guan in Sophos XG firewalls *(CVE-2020-12271)*, allowing the compromise of approximately 81,000 devices worldwide, including 23,000 in the US. Among the targets in the US were 36 devices protecting critical infrastructure, including an energy company whose drilling operations could have caused significant human losses had the attack not been thwarted. The actions included data theft, such as user credentials, and attempts to infect systems with the Ragnarok ransomware. After the attacks were identified and mitigated by Sophos with a patch and removal of malicious scripts, the hackers activated a “dead man switch”, unleashing ransomware attacks against Windows machines connected to the victims' networks.

Would you like to have access to this type of content firsthand and in greater depth? Contact us now and start a Proof of Value with our solution.
Apura Cyber Corp’s Post
More Relevant Posts
-
Ransomware attack on US Gas supply https://lnkd.in/e7ZTQytm DHS has issued an advisory yesterday citing a recent ransomware attack on a natural gas supplier as an example that critical infrastructure in the United States was super-vulnerable to cyber attacks. The security advisory has highlighted the fact that companies should take the incident as a wake-up call and take all necessary measures to prevent such incidents from hitting their infrastructure in the future. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency disclosed to the media that a threat actor somehow managed to induce a spear-phishing link into the IT infrastructure of the natural gas compression facility and obtains […]
-
🎯The Romanian National Cybersecurity Directorate (DNSC) says the Lynx ransomware gang breached Electrica Group, one of the largest electricity suppliers in the country. Electrica became an independent company in 2000 after it was established as a division of the National Electricity Company (CONEL) in 1998. Since 2014, Electrica has been listed on the London and Bucharest stock exchanges. The company now provides electricity supply, maintenance, and other energy services to over 3.8 million users across Muntenia and Transylvania. 🔔 Stay connected for industry’s latest content – Follow Dr. Anil Lamba, CISSP #linkedin #teamamex #JPMorganChase #cybersecurity #technologycontrols #infosec #informationsecurity #GenAi #linkedintopvoices #cybersecurityawareness #innovation #techindustry #cyber #birminghamtech #cybersecurity #fintech #careerintech #handsworth #communitysupport #womenintech #technology #security #cloud #infosec #riskassessment #informationsecurity #auditmanagement #informationprotection #securityaudit #cyberrisks #cybersecurity #security #cloudsecurity #trends #grc #leadership #socialmedia #digitization #cyberrisk #education #Hacking #privacy #datasecurity #passwordmanagement #identitytheft #phishingemails #holidayseason #bankfraud #personalinformation #creditfraud
Lynx ransomware behind Electrica energy supplier cyberattack
bleepingcomputer.com
-
The recent Lynx ransomware attack on Electrica, a major energy supplier in Romania, is a stark reminder of the growing threat ransomware poses to critical infrastructure. This incident highlights how cybercriminals continue to target essential services, causing widespread disruption and economic consequences.

Key Takeaways:
- The attackers infiltrated Electrica's systems, compromising sensitive data and disrupting operations.
- Ransomware groups like Lynx are increasingly sophisticated, often exploiting vulnerabilities in networks and supply chains.
- Critical infrastructure sectors, including energy, remain prime targets due to their pivotal role in societal functioning.

This raises important questions for organizations across industries: Are your defenses prepared for ransomware threats? Do you have robust incident response and recovery plans in place? How often do you test your security posture through vulnerability assessments or penetration tests?

Let’s use this as a reminder to double down on cybersecurity efforts. Proactive measures, including advanced threat detection, regular security audits, and employee awareness training, are key to staying ahead of these evolving threats. What steps are you taking to ensure your organization is resilient against such attacks? Let’s discuss. https://lnkd.in/grcSzydB Secure-Tactics IT Solutions #CyberSecurity #Ransomware #CriticalInfrastructure #ThreatDetection #IncidentResponse #CyberDefense https://lnkd.in/g3pfGqZj
Lynx ransomware behind Electrica energy supplier cyberattack
bleepingcomputer.com
-
These are excellent points! Cybersecurity is no longer optional—it's essential. Proactively testing your security posture through regular vulnerability assessments and penetration tests can make all the difference. Coupled with strong incident response and recovery plans, organizations can better mitigate the impact of ransomware attacks. We must remain vigilant and ensure all employees are trained to spot potential threats. It’s an ongoing effort, and staying ahead of evolving risks is key. Looking forward to hearing what steps others are taking to strengthen their defenses! https://lnkd.in/gw7sxpNM #CyberSecurity #Ransomware #CriticalInfrastructure #ThreatDetection #IncidentResponse #CyberDefense
-
Iranian hackers are ramping up attacks on critical infrastructure, aiming to steal passwords and gain access to sensitive networks in sectors like energy, water, and healthcare. U.S. cybersecurity agencies urge organizations to strengthen credential management and implement multi-factor authentication to counter these threats. 🔗 Full article on CyberScoop: https://hubs.ly/Q02VS53V0 #CyberSecurity #InfrastructureSecurity #CredentialManagement #Infosec #TCT
Iranian hackers are going after critical infrastructure sector passwords, agencies caution
cyberscoop.com
-
Article: Netskope integration partner Forescout Technologies Inc. reports that state-sponsored hackers target VPN vulnerabilities and that ransomware attacks rose in the first half of 2024 compared to the first half of 2023. The data shows that state-sponsored actors use hacktivist personas and target VPN vulnerabilities as entry points. Attackers have shifted from managed endpoints to the unmanaged perimeter for initial access and impact. Network infrastructure and other high-risk unmanaged devices are becoming more attractive targets due to the challenges in detecting and investigating these attacks, primarily due to a lack of network visibility and security telemetry from these devices. It is crucial to secure them proactively. Forescout emphasized significant examples in the first half of 2024, including the Cyber Army of Russia, believed to be linked to Sandworm, launching an attack against a wastewater treatment plant in the U.S. This attack occurred a month after the White House warned of hackers targeting U.S. water systems. The BlackJack group, thought to be affiliated with Ukrainian intelligence, used the custom malware Fuxnet to disable thousands of sensors monitoring Moscow’s sewage system. As legacy remote access VPNs prove to be doing more harm than good for most organizations, ZTNA emerges as the modern alternative. It’s time for organizations to put their VPN in the past. #Netskope #VPN #ZTNA #SASE #SSE https://lnkd.in/g-V7ZECa
Forescout reports cyber threats surge, state-sponsored hackers target VPN vulnerabilities, ransomware attacks rise
https://industrialcyber.co
-
According to a recent article I came across, there's been a rise in cyberattacks targeting critical infrastructure sectors, like power grids and water treatment plants. These attacks are often carried out by groups affiliated with China and North Korea, and they use all sorts of tricks in their playbook – including ransomware – to disrupt operations and potentially steal valuable data. Here's the thing that throws a real wrench into things: sometimes, these attacks are cleverly disguised to look like regular ol' criminal activity. This makes it super tough to pinpoint the real culprits. So, what can we do about this? Are we prepared for these kinds of attacks? It's a question businesses of all sizes should be asking themselves. Let me know in the comments what YOU think about this whole situation. Is it time for a digital defense upgrade? #cybersecurity #ransomware #criticalinfrastructure #business #informationsecurity #dataprivacy https://hubs.ly/Q02DpQ-b0
Chinese and N. Korean Hackers Target Global Infrastructure with Ransomware
thehackernews.com
-
AlphV, a ransomware group that was dismantled last year, has resurfaced, this time targeting a pipeline operator in Canada. It seems the attack is linked to a previous data leak at the Trans-Northern pipeline in November 2023. The company has announced that the impact has been significant, disrupting internal and external communications with vendors and hampering the company's ability to address federal regulatory inquiries. The fact that new infrastructures are becoming targets of cyber threats is alarming. Regardless of the size of the business, cybersecurity is crucial in any industry. Until cybersecurity frameworks are addressed, the looming threat of catastrophic and massively disruptive attacks persists. Take a deep dive into this evolving #cybersecurity news https://hubs.ly/Q02m4JDw0 #CyberNews #Ransom #Bewary #GlobalSecurity
AlphV claims hit on Canada’s Trans-Northern Pipelines
cybersecuritydive.com
-
Researchers from Sophos disclosed in a ‘Pacific Rim’ report details of its five-year investigation tracking China-based groups targeting Sophos firewalls using botnets, novel exploits, and bespoke malware. With the collaboration of other cybersecurity vendors, governments, and law enforcement agencies, specific clusters of observed activity have been attributed, with varying levels of confidence, to Volt Typhoon, APT31, and APT41/Winnti.

Following the release of the Pacific Rim report, the U.S. Federal Bureau of Investigation (FBI) is asking the public for assistance in an investigation involving the compromise of edge devices and computer networks belonging to companies and government entities. “As described by Sophos Ltd. in a recently released cyber security report, on April 22, 2020, an Advanced Persistent Threat group allegedly created and deployed malware (CVE-2020-12271) as part of a widespread series of indiscriminate computer intrusions designed to exfiltrate sensitive data from firewalls worldwide.” The FBI is seeking information regarding the identities of the individuals responsible for these cyber intrusions.

Over the tracked period, Sophos identified three key evolving attacker behaviors. The first is a shift in focus from indiscriminate, noisy, widespread attacks (which X-Ops has concluded were failed attempts to build operational relay boxes (ORBs) to aid future targeted attacks) to stealthier operations against specific high-value and critical infrastructure targets primarily located in the Indo-Pacific region. Victim organizations include nuclear energy suppliers and regulators, military, telecoms, state security agencies, and central government. In its Pacific Rim report, Sophos also identified evolution in stealth and persistence capability. Notable recent TTPs include increased use of living-off-the-land, insertion of backdoored Java classes, memory-only Trojans, a large and previously undisclosed rootkit (with design choices and artifacts indicative of cross-platform multi-vendor capability), and an early experimental version of a UEFI bootkit.