You are here

Home » Cybersecurity

Cybersecurity

Ransomware Awareness – LockBit Ransomware Disrupted Following International Takedown Operation

In a joint operation known as “Operation Cronos,” international law enforcement partners collaborated in efforts to disrupt the notorious ransomware group known as LockBit. The U.S. Department of Justice Office of Public Affairs has issued a press release announcing the disruption of the gang along with indictment charges against two Russian nationals. 

A banner on LockBit’s data leak website reads:

FBI FLASH – Identification and Disruption of the Warzone Remote Access Trojan (RAT)

The FBI has published a TLP:CLEAR FLASH to disseminate indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with the Warzone Remote Access Trojan (RAT), also identified as “Ave Maria” through open-source reporting and FBI investigation.

On 7 February 2024, the FBI and international partners executed a coordinated operation to disrupt Warzone RAT infrastructure worldwide. The FBI is releasing this product to maximize awareness on the service and to seek additional reporting from victims.

Incident Awareness – Canadian Pipeline Confirms November Breach, ALPHV/BlackCat Claims Responsibility

The Trans-Northern Pipelines (TNPI), a Canadian pipeline located in Ontario-Quebec, confirmed yesterday that its internal network was breached in November. TNPI operates 726 total miles of pipeline across Ontario and Alberta, transporting 221,300 barrels daily. The threat group ALPHV/BlackCat has claimed responsibility for the breach, added Trans-Northern to its blackmail site on Tuesday, and purports to have stolen 190 GB of data from the oil distributor.

Cyber Resilience – Observed Challenges in Information Sharing, Applicable Lessons from an ISAC Exercise

In October 2023, Health-ISAC (H-ISAC) facilitated an all-day workshop and tabletop exercise with Health-ISAC members and United States Government (USG) agencies in Washington, DC. While the exercise involved healthcare organizations, the scenario and challenges are applicable and representative broadly across all critical infrastructure sectors. The H-ISAC has released its Hobby Exercise 2023 After Action Report, which documents the lessons learned and challenges experienced upon review of its most recent Hobby Exercise Series.

Cyber Resilience – Cyber Readiness Institute (CRI) Continues Recruiting Small and Medium-sized Water and Wastewater Utilities for Free Cybersecurity Training

Members may recall the Cyber Readiness Institute’s (CRI) original call to action for the water and wastewater systems sector during WaterISAC’s August 23, 2023 Cyber Threat Briefing and  H2OSecCon in October. The pilot for the Resiliency for Water Utilities has been so successful that CRI is continuing the program and actively recruiting new participants.

Security Awareness – Azure (and other) Attacks Against Executives

Email-based attacks are arguably the most prevalent phishing technique used to gain initial access to “VIP” accounts such as executives, finance managers, and human resources staff. Attacks targeting executives are nothing new, but a couple of recent campaigns highlight the importance of the need to include executives, C-Suite, and other leadership in security awareness training. Two recent campaigns are leveraging Microsoft Azure corporate clouds and QR code phishing (quishing) to abscond with sensitive information, including credentials.

Pages

Subscribe to Cybersecurity