Cybersecurity

FBI FLASH – Identification and Disruption of the Warzone Remote Access Trojan (RAT)

The FBI has published a TLP:CLEAR FLASH to disseminate indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with the Warzone Remote Access Trojan (RAT), also identified as “Ave Maria” through open-source reporting and FBI investigation.

On 7 February 2024, the FBI and international partners executed a coordinated operation to disrupt Warzone RAT infrastructure worldwide. The FBI is releasing this product to maximize awareness of the service and to seek additional reporting from victims.

Incident Awareness – Canadian Pipeline Confirms November Breach, ALPHV/BlackCat Claims Responsibility

The Trans-Northern Pipelines (TNPI), a Canadian pipeline located in Ontario-Quebec, confirmed yesterday that its internal network was breached in November. TNPI operates 726 total miles of pipeline across Ontario and Alberta, transporting 221,300 barrels daily. The threat group ALPHV/BlackCat has claimed responsibility for the breach, added Trans-Northern to its blackmail site on Tuesday, and purports to have stolen 190 GB of data from the oil distributor.

Cyber Resilience – Observed Challenges in Information Sharing, Applicable Lessons from an ISAC Exercise

In October 2023, Health-ISAC (H-ISAC) facilitated an all-day workshop and tabletop exercise with Health-ISAC members and United States Government (USG) agencies in Washington, DC. While the exercise involved healthcare organizations, the scenario and challenges are applicable and representative broadly across all critical infrastructure sectors. The H-ISAC has released its Hobby Exercise 2023 After Action Report, which documents the lessons learned and challenges experienced upon review of its most recent Hobby Exercise Series.

Cyber Resilience – Cyber Readiness Institute (CRI) Continues Recruiting Small and Medium-sized Water and Wastewater Utilities for Free Cybersecurity Training

Members may recall the Cyber Readiness Institute’s (CRI) original call to action for the water and wastewater systems sector during WaterISAC’s August 23, 2023 Cyber Threat Briefing and H2OSecCon in October. The pilot for the Resiliency for Water Utilities has been so successful that CRI is continuing the program and actively recruiting new participants.

Security Awareness – Azure (and other) Attacks Against Executives

Email-based attacks are arguably the most prevalent phishing technique used to gain initial access to “VIP” accounts such as those of executives, finance managers, and human resources staff. Attacks targeting executives are nothing new, but a couple of recent campaigns highlight the importance of including executives, the C-suite, and other leadership in security awareness training. Two recent campaigns are leveraging Microsoft Azure corporate clouds and QR code phishing (quishing) to abscond with sensitive information, including credentials.

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – February 13, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases One Industrial Control Systems Advisory

Passthrough: Joint Cyber Defense Collaborative (JCDC) Priorities for 2024

Yesterday, CISA—on behalf of the collective group of industry and government partners that comprise the Joint Cyber Defense Collaborative (JCDC)—released JCDC’s 2024 Priorities. Similar to the 2023 JCDC Planning Agenda, JCDC’s 2024 Priorities will help focus the group on developing high-impact and collaborative solutions to the most pressing cybersecurity challenges.

The focused goals of the 2024 priorities are to:

WaterISAC and NRWA Announce Collaborative Effort to Better Serve the Underserved

WaterISAC and the National Rural Water Association (NRWA) recently announced a formal collaboration intended to educate rural utilities across the country about both cyber and physical security threats. The collaboration is meant to increase resilience efforts among some of the country’s smallest and most often overlooked utilities, including 25,000 NRWA members that serve populations of 3,300 or fewer.
