A Chinese state-sponsored botnet called Raptor Train has infected more than 260,000 IoT and office network devices to target critical infrastructure globally. The hackers used zero-days and known vulnerabilities to compromise more than 20 different types of devices to expand their botnet.
Excessive deployment of remote access tools in operational technology environments expands attack surfaces and creates operational challenges, warn security researchers from Claroty. Remote access tools are essential, but they introduce numerous potential vulnerabilities that threat actors exploit.
Congress' Select Committee on the Chinese Communist Party published a report warning that Beijing could use a Chinese state-owned crane company that currently dominates the global ship-to-shore port crane market to disrupt and manipulate the United States maritime supply chain.
The Space Force is suffering from years of delays, setbacks and shortcomings in its Global Positioning System modernization program, according to a Government Accountability Office report, which found major deficiencies and testing issues that could hinder the United States competitiveness in space.
The U.K. government on Thursday designated data centers as part of its critical national infrastructure in a move intended to prevent the loss of sensitive user data during disruptive cyberattacks. A newly announced data center security team will monitor and anticipate potential cyberthreats.
Charles Armstrong, chief information officer of the Federal Emergency Management Agency, told the Billington Cybersecurity Summit his agency has begun deploying cyber advisors to disaster recovery zones to "rapidly and securely" build information technology and operational technology infrastructure.
Critical infrastructure encompasses the essential services and assets vital to the functioning of society and the economy. Specializing in security in this field requires a deep understanding of the challenges and threats facing sectors such as energy, transportation, healthcare and water systems.
An artificial intelligence-fueled growth in data center construction has the federal government asking what it should do to help manage data security risks. The NTIA is interested in identifying opportunities "to improve data centers’ market development, supply chain resilience, and data security."
Oil service giant Halliburton told U.S. federal regulators Tuesday that hackers stole data after the firm acknowledged "unauthorized activity" on its networks in late August. The incident "caused disruptions and limitation of access to portions of the company's business applications," the firm said.
The NIS2 Directive focuses on addressing gaps and strengthening the security of network and information systems across the European Union. NIS2 mandates rapid incident reporting and holds senior management accountable for cybersecurity, shifting responsibilities to the board level.
Oil services giant Halliburton is reportedly dealing with a disruption tied to a Wednesday hack attack, after which the Houston-based firm advised employees to not connect to any internal IT resources - a sign that the incident could be a ransomware attack.
The U.S. Federal Aviation Administration is seeking public comment on a proposed rule that aims to further elevate and streamline cyber regulations for future airplanes and aircraft equipment. The rule isn't intended to have a substantive effect on airliner cybersecurity standards.
As concerns grow about China's cyberthreat to U.S. critical infrastructure, Scythe founder and CEO Bryson Bort suggests the actual risk may not be as severe as feared. He explains the factors that might limit China's cyber activities and the real strategic vulnerabilities that could be targeted.
Cyber threats against the U.S. water sector are growing but the main federal regulatory agency that oversees it may be stymied by a lack of cooperation from sector operators, concludes a Government Accountability Office report. Attacks against the water sector have mounted steadily.
Maritime facilities and ports in the Indian Ocean and Mediterranean Sea have become targets of spear-phishing attacks in a cyberespionage campaign that BlackBerry's Threat Research and Intelligence team attributes to SideWinder, a suspected India state-sponsored threat group.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.