Critical JetBrains TeamCity Flaw Could Expose Source Code and Build Pipelines to Attackers

A critical security vulnerability in the JetBrains TeamCity continuous integration and continuous deployment (CI/CD) software could be exploited by unauthenticated attackers to achieve remote code execution on affected systems. The flaw, tracked as CVE-2023-42793, carries a CVSS score of 9.8 and has been addressed in TeamCity version 2023.05.4 following responsible disclosure on September 6, 2023. […]

Top 9 techniques to secure your DevOps Continuous Integration/Continuous Delivery (CI/CD) pipeline in 2023

This cybersecurity information sheet (CSI) is being released by the National Security Agency (NSA) in collaboration with the Cybersecurity and Infrastructure Security Agency (CISA). The purpose of this document is to provide recommendations and best practices for improving defenses in cloud implementations of development, security, and operations (DevSecOps). This CSI explains how to integrate security […]

5 best free API security testing tools. Protecting your cloud CI/CD Pipeline

Application Programming Interfaces (APIs) are an essential component of most modern programs and applications. In fact, cloud applications and mobile applications now rely heavily on APIs because they are designed to control various elements. Many large companies have hundreds or even thousands of APIs built into their infrastructure. The number of API interfaces will only […]

U.S. Proposes $1 Million Fine on Colonial Pipeline for Safety Violations After Cyberattack

The U.S. Department of Transportation’s Pipeline and Hazardous Materials Safety Administration (PHMSA) has proposed a penalty of nearly $1 million to Colonial Pipeline for violating federal safety regulations, worsening the impact of the ransomware attack last year. The $986,400 penalty is the result of an inspection conducted by the regulator of the pipeline operator’s control […]

Hacktivists Leak Email Data from Russian Pipeline Giant Transneft

Amid Russia’s war with Ukraine, Russian state-backed businesses continue to face attacks and data leaks from hackers. A website famous for hosting leaks released a link to around 79 gigabytes of allegedly stolen emails from Transneft, a government-controlled Russian oil pipeline company. Transneft, which has its headquarters in Moscow, is the largest pipeline company globally. […]

Anonymous Group Hacked Russian Oil Pipeline Giant and Released 79 GB of Stolen Data

Cyberattacks on Russia have been on the rise since their invasion of Ukraine. On February 25th, the Anonymous group posted on Twitter, “The Anonymous Collective is officially in cyberwar against the Russian government”. Anonymous has been infiltrating several Russian organizations ever since. Most of the businesses were Russian-state backed. […]

This hacking group infected the largest grain and meat supplier in the U.S. with ransomware; way more dangerous than Colonial Pipeline attack

A representative of the U.S. farmers’ cooperative NEW Cooperative has confirmed that the organization became the victim of a BlackMatter ransomware infection. Threat actors are reportedly demanding a $5.9 million USD ransom in exchange for handing over the decryption keys and not revealing the compromised information. In addition, hackers have threatened to increase the ransom […]

U.S. Recovers $2.3 Million Ransom Paid to Colonial Pipeline Hackers

In a major blow, the U.S. Department of Justice on Monday said it has recovered 63.7 bitcoins (currently valued at $2.3 million) paid by Colonial Pipeline to the DarkSide ransomware extortionists on May 8, pursuant to a seizure warrant that was authorized by the Northern District of California. The ransomware attack also hobbled the pipeline […]

Hackers Breached Colonial Pipeline Using Compromised VPN Password

The ransomware cartel that masterminded the Colonial Pipeline attack early last month crippled the pipeline operator’s network using a compromised virtual private network (VPN) account password, the latest investigation into the incident has revealed. The development, which was reported by Bloomberg on Friday, involved gaining an initial foothold into the networks as early as April […]

SonicWall firewall vulnerability can be exploited to install ransomware like Colonial Pipeline. Patch now

SonicWall security teams released a security alert urging customers to install patches that address a critical post-auth vulnerability present in local versions of the Network Security Manager (NSM) firewall solution. Tracked as CVE-2021-20026, the flaw resides in NSM versions prior to v2.2.0-R10-H1 and was fixed with the release of v2.2.1-R6 and 2.2.1-R6 Enhanced. […]

Major ransomware attack cripples largest gas pipeline in the US

A massive ransomware attack on one of the largest gas pipelines in the US, Colonial Pipeline, led it to be shut down on Friday. The FBI, the Energy Department, and the White House are all actively addressing the issue and assessing the damage after Colonial Pipeline announced Friday that it had shut down 5,500 miles of […]

Colonial Pipeline Paid Nearly $5 Million in Ransom to Cybercriminals

Colonial Pipeline on Thursday restored operations to its entire pipeline system nearly a week following a ransomware infection targeting its IT systems, forcing it to reportedly shell out nearly $5 million to restore control of its computer networks. “Following this restart, it will take several days for the product delivery supply chain to return to […]

U.S. Declares Emergency in 17 States Over Fuel Pipeline Cyber Attack

The ransomware attack against Colonial Pipeline’s networks has prompted the U.S. Federal Motor Carrier Safety Administration (FMCSA) to issue a regional emergency declaration in 17 states and the District of Columbia (D.C.). The declaration provides a temporary exemption to Parts 390 through 399 of the Federal Motor Carrier Safety Regulations (FMCSRs), allowing alternate transportation of […]

Ransomware attack shuts down operations in the largest US pipeline

U.S. authorities agreed to the emergency passage of a new law after the country’s main pipeline was compromised by a ransomware attack that severely disrupted operations. Colonial Pipeline carries more than 2.5 million barrels per day, equivalent to 45% of the fuel supply for West Coast aircraft. The approved legislation relaxes the guidelines for road fuel […]

Ransomware Cyber Attack Forced the Largest U.S. Fuel Pipeline to Shut Down

Colonial Pipeline, which carries 45% of the fuel consumed on the U.S. East Coast, on Saturday said it halted operations due to a ransomware attack, once again demonstrating how infrastructure is vulnerable to cyber attacks. “On May 7, the Colonial Pipeline Company learned it was the victim of a cybersecurity attack,” the company said in […]

Sony’s CES 2019 Event Announced: Xperia XA3 Series In Pipeline

As the Consumer Electronics Show (CES 2019) draws closer, rumors and speculations are in abundance. One such company (being a part of the rumor mill) is Sony, which has recently announced its CES 2019 event, hinting at possible devices to be launched. The Japanese company is set to host an event on January 7 in […]

US Pipeline Network Cyber Attack Affects Electronic Communication System

A cyber attack on a major U.S. pipeline network has affected the electronic communication system there. Energy Transfer Partners, which is run by American billionaire businessman Kelcy Warren, was attacked by hackers; the attack crippled the electronic communication system used by the company. Anyhow, as per reports, the situation has been tackled […]

Russian oil pipeline computer hacked to mine Monero coins

The current price of 1 Bitcoin is almost USD 20,000, and those who cannot invest in cryptocurrencies find other ways to get some. On Friday 15th December, Russian authorities said that Transneft, the state-owned and largest oil pipeline company in the world, suffered a cyber attack in which its computers were hacked to generate Monero digital currency. According to Reuters, […]

Anonymous Hit Italian Government Sites Against Trans Adriatic Pipeline Project

Anonymous Italy Launches #OperationGreenRights: Targets Italian Government Portals with DDoS. Local government portals of Apulia and Basilicata regions in southern Italy have been attacked by the members of the infamous hacktivists collective Anonymous. The attack is being touted by Anonymous as a reactionary attempt to showcase resentment against the ongoing Trans Adriatic Pipeline project (TAP). […]