Move Over, APTs: Common Cybercriminals Begin Critical Infrastructure Targeting

According to an analysis from Forescout Research, Vedere Labs this week, one of two previously reported attacks against the Danish energy sector in May was mistakenly attributed to Sandworm.
Mass Exploitation of CVE-2023-27881 in Zyxel Firewalls At the time, Danish critical infrastructure security nonprofit SektorCERT noted that attackers were leveraging multiple, critical vulnerabilities in Zyxel gear, including two zero-days, to isolate targets from the national grid, and that command-and-control servers known to be associated with Sandworm were involved, across two different campaigns.
After the Danish attacks, further cyberactivity targeted exposed devices within critical infrastructure worldwide for months, with Forescout researchers detecting numerous IP addresses attempting to exploit the Zyxel bug across various devices as recently as October.
Attacks could continue still: At least six different power companies in European countries utilize Zyxel firewalls and may remain susceptible to potential exploitation by malicious actors, according to Forescout.
Critical Infrastructure: Not Just a State-Sponsored Target The fact that garden-variety opportunistic cyberattackers are getting into the ICS game should worry cyber defenders, according to John Gallagher, vice president of Viakoo Labs at Viakoo.
That trend will ironically be exacerbated by the modernization of the technology used by utilities and other critical infrastructure environments, notes Craig Jones, vice president of security operations at Ontinue.


This Cyber News was published on www.darkreading.com. Publication date: Thu, 11 Jan 2024 22:35:15 +0000


Cyber News related to Move Over, APTs: Common Cybercriminals Begin Critical Infrastructure Targeting

9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
11 months ago Esecurityplanet.com
Volt Typhoon Ramps Up Malicious Activity Against Critical Infrastructure - China-backed cyber espionage group Volt Typhoon is systematically targeting legacy Cisco devices in a sophisticated and stealthy campaign to grow its attack infrastructure. In many instances, the threat actor, known for targeting critical ...
9 months ago Darkreading.com
What CIRCIA Means for Critical Infrastructure Providers and How Breach and Attack Simulation Can Help - Cyber Defense Magazine - To prepare themselves for future attacks, organizations can utilize BAS to simulate real-world attacks against their security ecosystem, recreating attack scenarios specific to their critical infrastructure sector and function within that sector, ...
1 month ago Cyberdefensemagazine.com
CVE-2023-52770 - In the Linux kernel, the following vulnerability has been resolved: f2fs: split initial and dynamic conditions for extent_cache Let's allocate the extent_cache tree without dynamic conditions to avoid a missing condition causing a panic as below. # ...
5 months ago Tenable.com
A Plan to Protect Critical Infrastructure from 21st Century Threats - On April 30th, the White House released National Security Memorandum-22 on Critical Infrastructure Security and Resilience, which updates national policy on how the U.S. government protects and secures critical infrastructure from cyber and ...
5 months ago Cisa.gov
Opening Statement by CISA Director Jen Easterly - Chairman Gallagher, Ranking Member Krishnamoorthi, Members of the Committee, thank you for the opportunity to testify on CISA's efforts to protect the Nation from the preeminent cyber threat posed by the People's Republic of China. As America's ...
9 months ago Cisa.gov
macOS Malware Mix & Match: North Korean APTs Stir Up Fresh Attacks - North Korean advanced persistent threat groups are mixing and matching components of two recently unleashed types of Mac-targeted malware to evade detection and fly under the radar as they continue their efforts to conduct operations at the behest of ...
11 months ago Darkreading.com
Attacks on critical infrastructure are harbingers of war: Are we prepared? - Recent attacks on several water authorities, such as Aliquippa and St. Johns River, are putting a new spotlight on the need to protect critical infrastructure. In war, to bring a nation to its knees, attacks against power and water inflict the most ...
10 months ago Scmagazine.com
Cyber Insights 2023: ICS and Operational Technology - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. At the same time, ICS/OT is facing an expanding attack surface caused by ...
1 year ago Securityweek.com
Strategy, Harmony & Research: Triaging Priorities for OT Cybersecurity - The mission of the Cybersecurity and Infrastructure Security Agency is to lead the national effort to understand, manage, and reduce risk to the cyber and physical infrastructure that Americans rely on every hour of every day. CISA is not responsible ...
11 months ago Darkreading.com
Move Over, APTs: Common Cybercriminals Begin Critical Infrastructure Targeting - According to an analysis from Forescout Research, Vedere Labs this week, one of two previously reported attacks against the Danish energy sector in May was mistakenly attributed to Sandworm. Mass Exploitation of CVE-2023-27881 in Zyxel Firewalls At ...
9 months ago Darkreading.com
The old, not the new: Basic security issues still biggest threat to enterprises - Attacks on critical infrastructure reveal industry faux pas. Ransomware attacks on enterprises saw a nearly 12% drop last year, as larger organizations opt against paying and decrypting, in favor of rebuilding their infrastructure. X-Force analysis ...
8 months ago Helpnetsecurity.com
The Top 5 Ransomware Takedowns - Learn about the recent achievements in the fight against ransomware as law enforcement agencies and cybersecurity organizations successfully disrupt operations, seize infrastructure, and safeguard victims from further attacks. Trigona ransomware, a ...
10 months ago Securityboulevard.com
Protecting Critical Infrastructure Means Getting Back to Basics - Critical infrastructure organizations are undergoing dramatic changes in their technology and cybersecurity landscapes that make them both more efficient and more vulnerable. Nation-state actors and cybercriminals increasingly are targeting the ...
9 months ago Darkreading.com
Chinese Threat Actors Concealed in US Infrastructure Networks - According to a joint alert from CISA, the NSA, the FBI, and partner Five Eyes organizations, the Chinese cyberespionage group Volt Typhoon entered a critical infrastructure network in the United States and remained undiscovered for at least five ...
8 months ago Heimdalsecurity.com
Singapore Cybersecurity Update Puts Cloud Providers on Notice - Lawmakers in Singapore updated the nation's cybersecurity regulations on May 7, giving more power to the agency responsible for enforcing the rules, adopting definitions of computer systems that include cloud infrastructure, and requiring that ...
5 months ago Darkreading.com
Russian Hackers Likely Not Involved in Attacks on Denmark's Critical Infrastructure - Russian state-sponsored APT actor Sandworm might have not been involved in last year's massive attack campaign against Denmark's critical infrastructure, cybersecurity firm Forescout says. The assaults occurred in May 2023 and resulted in the ...
9 months ago Securityweek.com
Sandman APT Gains Traction: Chinese Hackers Amplify Cybersecurity Risks - Following this assessment, SentinelOne, PwC, and Microsoft Threat Intelligence have been working together on this since they have determined that the adversary's Lua-based malware, LuaDream, and the KEYPLUG have both been found to cohabit in the ...
10 months ago Cysecurity.news
Malware Takedowns Show Progress, But Fight Against Cybercrime Not Over - Takedown of malware infrastructure by law enforcement has proven to have an impact, albeit limited, on cybercriminal activity, according to threat intelligence provider Recorded Future. The Emotet takedown, led by Europol and Eurojust in 2021. The ...
9 months ago Infosecurity-magazine.com
Week in review: Windows Event Log zero-day, exploited critical Jenkins RCE flaw - Prioritizing cybercrime intelligence for effective decision-making in cybersecurityIn this Help Net Security interview, Alon Gal, CTO at Hudson Rock, discusses integrating cybercrime intelligence into existing security infrastructures. Proactive ...
9 months ago Helpnetsecurity.com
2023's Dark Horse Cyber Story: Critical Infrastructure Attacks - There are several cybersecurity trends that truly deserve top attention when we look back at 2023 - and they will get it. Cyber attacks against critical infrastructure quietly grow, despite a lack of major attention. As we look back at the 2023 year ...
11 months ago Securityboulevard.com
Ten new Android banking trojans targeted 985 bank apps in 2023 - This year has seen the emergence of ten new Android banking malware families, which collectively target 985 bank and fintech/trading apps from financial institutes across 61 countries. Banking trojans are malware that targets people's online bank ...
10 months ago Bleepingcomputer.com
Critical infrastructure in the crosshairs: Examining the threats facing service providers in the U.S. - Critical infrastructure is facing a wave of cyberattacks, posing a severe threat to essential services across the United States and globally. The scale and frequency of these attacks have elevated defending infrastructure to a national priority, as ...
9 months ago Cybersecurity-insiders.com
Critical infrastructure in the crosshairs: Examining the threats facing service providers in the U.S. - Critical infrastructure is facing a wave of cyberattacks, posing a severe threat to essential services across the United States and globally. The scale and frequency of these attacks have elevated defending infrastructure to a national priority, as ...
9 months ago Cybersecurity-insiders.com
Critical infrastructure in the crosshairs: Examining the threats facing service providers in the U.S. - Critical infrastructure is facing a wave of cyberattacks, posing a severe threat to essential services across the United States and globally. The scale and frequency of these attacks have elevated defending infrastructure to a national priority, as ...
9 months ago Cybersecurity-insiders.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)