Welcome to my weekly cybersecurity roundup! Here, I share updates on the projects I’m currently working on, along with the most insightful cybersecurity videos I watched, articles I found valuable, and podcasts I tuned into this week.
Featured Analysis
Featured article analysis: Unsophisticated cyber actors are targeting the U.S. Energy sector
The Cybersecurity and Infrastructure Security Agency (CISA), along with the FBI, EPA, and DoE, has issued a joint alert warning U.S. critical infrastructure, particularly the energy and transportation sectors, about ongoing cyberattacks targeting their Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems. These attacks are being carried out by unsophisticated cyber actors who are exploiting weaknesses in cyber hygiene and exposed assets. Despite the use of basic intrusion techniques, the potential consequences are significant, including defacement, configuration changes, operational disruptions, and even physical damage in severe cases.
The alert emphasizes that these “basic and elementary intrusion techniques” can be highly effective when organizations fail to implement fundamental cybersecurity best practices. Poor cyber hygiene and the presence of internet-exposed OT assets create vulnerabilities that these less skilled attackers can readily exploit. The agencies strongly urge Critical Infrastructure Asset Owners and Operators to proactively review and implement the recommendations outlined in the fact sheet titled “Primary Mitigations to Reduce Cyber Threats to Operational Technology” to bolster their defenses against these threats.
The recommended mitigations focus on foundational security measures that can significantly reduce the attack surface and limit the impact of successful intrusions. These include removing OT connections from the public internet, immediately changing default passwords to strong, unique credentials, securing remote access to OT networks using VPNs and phishing-resistant multi-factor authentication (MFA), segmenting IT and OT networks to prevent lateral movement, and ensuring the capability to operate OT systems manually in the event of a cyber incident. Additionally, the agencies highlight the risk of misconfigurations introduced during standard operations or by third-party vendors and advise working collaboratively to address these potential vulnerabilities.
Projects
Videos
Articles
- White House Proposal Slashes Half-Billion from CISA Budget – The proposed $491 million cut is being positioned as a “refocusing” of CISA on its core mission “while eliminating weaponization and waste.”
- Unofficial Signal app used by Trump officials investigates hack – TeleMessage, an Israeli company that sells an unofficial Signal message archiving tool used by some U.S. government officials, has suspended all services after reportedly being hacked.
- Darcula PhaaS steals 884,000 credit cards via phishing texts – The Darcula phishing-as-a-service (PhaaS) platform stole 884,000 credit cards from 13 million clicks on malicious links sent via text messages to targets worldwide.
- iHeartMedia suffers breach that exposed personal data – iHeartMedia, America’s largest owner of radio stations, suffered a breach in December that exposed personal data, including Social Security and passport numbers.
- TeleMessage, the Signal clone used by US government officials, suffers hack – TeleMessage, an encrypted messaging app based upon Signal, has been temporarily suspended out of “an abundance of caution” after a hacker reportedly gained access to US government communications.
- Unsophisticated cyber actors are targeting the U.S. Energy sector – CISA, FBI, EPA, and DoE warn of cyberattacks on the U.S. Energy sector carried out by unsophisticated cyber actors targeting ICS/SCADA systems.
- Man Sentenced to Over 30 Years in Prison for Crypto-Terror Financing Scheme – Defendant Collected and Sent More Than $185,000 to ISIS