Critical Infrastructure
CISA: Medusa ransomware hit over 300 critical infrastructure orgs
CISA says the Medusa ransomware operation has impacted over 300 organizations in critical infrastructure sectors in the United States until last month. This was revealed in a joint advisory issued today in coordination with the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC). “As of February 2025, Medusa developers and affiliates […]
Southern Water says Black Basta ransomware attack cost £4.5M in expenses
United Kingdom water supplier Southern Water has disclosed that it incurred costs of £4.5 million ($5.7M) due to a cyberattack it suffered in February 2024. Southern Water is a private utility company in southern England, providing water services to 2.7 million customers and wastewater services to over 4.7 million customers across Kent, Sussex, Hampshire, and the […]
CISA and FBI: Ghost ransomware breached orgs in 70 countries
CISA and FBI said attackers deploying Ghost ransomware have breached victims from multiple industry sectors across over 70 countries, including critical infrastructure organizations. Other industries impacted include healthcare, government, education, technology, manufacturing, and numerous small and medium-sized businesses. “Beginning early 2021, Ghost actors began attacking victims whose internet facing services ran outdated versions of software […]
Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers
Software vendor Trimble is warning that hackers are exploiting a Cityworks deserialization vulnerability to remotely execute commands on IIS servers and deploy Cobalt Strike beacons for initial network access. Trimble Cityworks is a Geographic Information System (GIS)-centric asset management and work order management software designed primarily for local governments, utilities, and public works organizations. The […]
CISA warns water facilities to secure HMI systems exposed online
CISA and the Environmental Protection Agency (EPA) warned water facilities today to secure Internet-exposed Human Machine Interfaces (HMIs) from cyberattacks. HMIs are dashboards or user interfaces that help human operators connect to, monitor, and control industrial machines and devices via tablets, portable computers, or built-in displays. “In the absence of cybersecurity controls, threat actors can […]
UK nuclear site Sellafield fined $440,000 for cybersecurity shortfalls
Nuclear waste processing facility Sellafield has been fined £332,500 ($440k) by the Office for Nuclear Regulation (ONR) for failing to adhere to cybersecurity standards and putting sensitive nuclear information at risk over four years, from 2019 to 2023. According to the ONR announcement, Sellafield failed to follow its own approved cybersecurity protocols by leaving multiple […]
CISA: Hackers target industrial systems using “unsophisticated methods”
CISA warned today of threat actors trying to breach critical infrastructure networks by targeting Internet-exposed industrial devices using “unsophisticated” methods like brute force attacks and default credentials. According to the cybersecurity agency, these ongoing attacks targeting critical infrastructure OT and ICS devices are also impacting water and wastewater systems. OT devices integrate hardware and software and […]