You are here

Home » Cybersecurity

Cybersecurity

Passthrough – EPA Office of Inspector General Issues BEC Fraud Alert

The U.S. EPA OIG issued a fraud alert (attached) to highlight the all-too-common and costly form of phishing known as business email compromise (BEC). In this convincing scam, criminals are using fraudulent emails that appear to come from known and trusted sources to access company email accounts and target organizations that make or receive financial transactions. These emails may originate from lookalike, or spoofed, email accounts or legitimate email accounts compromised through phishing campaigns.

Passthrough – CISA Cybersecurity Emotions

CISA recently shared its “Cybersecurity Emotions” series detailing social engineering tactics that threat actors often use when implementing various tactics against organizations and internet facing users. Organizations can add CISA’s “Cybersecurity Emotions” to security awareness training as each of the “emotions” are effectively described and explained giving relatable real-world understanding of these tactics and helping users learn the basics of “cyber hygiene.”

Ransomware Awareness – LockBit Ransomware Disrupted Following International Takedown Operation

In a joint operation known as “Operation Cronos,” international law enforcement partners collaborated in efforts to disrupt the notorious ransomware group known as LockBit. The U.S. Department of Justice Office of Public Affairs has issued a press release announcing the disruption of the gang along with indictment charges against two Russian nationals. 

A banner on LockBit’s data leak website reads:

FBI FLASH – Identification and Disruption of the Warzone Remote Access Trojan (RAT)

The FBI has published a TLP:CLEAR FLASH to disseminate indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with the Warzone Remote Access Trojan (RAT), also identified as “Ave Maria” through open-source reporting and FBI investigation.

On 7 February 2024, the FBI and international partners executed a coordinated operation to disrupt Warzone RAT infrastructure worldwide. The FBI is releasing this product to maximize awareness on the service and to seek additional reporting from victims.

Incident Awareness – Canadian Pipeline Confirms November Breach, ALPHV/BlackCat Claims Responsibility

The Trans-Northern Pipelines (TNPI), a Canadian pipeline located in Ontario-Quebec, confirmed yesterday that its internal network was breached in November. TNPI operates 726 total miles of pipeline across Ontario and Alberta, transporting 221,300 barrels daily. The threat group ALPHV/BlackCat has claimed responsibility for the breach, added Trans-Northern to its blackmail site on Tuesday, and purports to have stolen 190 GB of data from the oil distributor.

Cyber Resilience – Observed Challenges in Information Sharing, Applicable Lessons from an ISAC Exercise

In October 2023, Health-ISAC (H-ISAC) facilitated an all-day workshop and tabletop exercise with Health-ISAC members and United States Government (USG) agencies in Washington, DC. While the exercise involved healthcare organizations, the scenario and challenges are applicable and representative broadly across all critical infrastructure sectors. The H-ISAC has released its Hobby Exercise 2023 After Action Report, which documents the lessons learned and challenges experienced upon review of its most recent Hobby Exercise Series.

Pages

Subscribe to Cybersecurity