< ciso
brief />
Tag Banner

All news with #critical infrastructure tag

400 articles · page 15 of 20

OnSolve CodeRED Cyberattack Disrupts U.S. Alert Systems

🚨 Crisis24 confirmed its CodeRED emergency-notification platform was breached, disrupting alerts for state and local governments, police, and fire agencies nationwide. The company decommissioned the legacy environment and is rebuilding from a March 31, 2025 backup, so recent accounts may be missing. Crisis24 says the incident was contained to CodeRED, but names, addresses, emails, phone numbers and passwords were stolen; no public posting has been confirmed.
read more →

Telecom Security Reboot: Making Zero Trust Operational

🔒 Telecom operators must abandon perimeter assumptions and adopt a zero trust mindset that treats verification as continuous rather than a one-time event. This shift is organizational as much as technical, requiring unified IT/OT policies, least-privilege access and microsegmentation to limit lateral movement. The article recommends pragmatic steps — wrapping legacy systems with secure gateways and centralized authentication — and aligning controls with frameworks such as NIST and NIS2, while tracking concrete KPIs in the first 180 days.
read more →

UK Lawmakers Urge Legal Shift on Economic Cybersecurity

🔒 The House of Commons Business and Trade Committee has urged the UK government to enshrine a new approach to economic security in law, warning that cyber and other threats increasingly imperil the nation's open economy. The committee's report, Toward a new doctrine for economic security, stresses that economic security cannot be achieved without cybersecurity and highlights attacks on critical national infrastructure and private firms. Key recommendations include making the voluntary Software Security Code of Practice mandatory, introducing tax relief for IT services that enhance operational resilience, and consulting on a mandatory cyber-incident reporting regime.
read more →

UK Launches World’s First Military Esports Tournament

🎮 The UK government has launched the International Defence Esports Games (IDEG), touted as the world’s first military esports tournament, involving personnel from 40 allied nations. The three-day event at the National Gaming and Esports Arena in Sunderland on 9–11 October 2026 will combine live-streamed competitive matches with summits on cybersecurity, AI and drone operations. Officials say IDEG will sharpen cyber and digital skills, improve rapid decision-making and build allied partnerships.
read more →

FCC Reversal Removes Telecom Cybersecurity Mandates

⚠ The FCC has reversed its January 2025 Declaratory Ruling that required US telecom providers to adopt and annually certify stricter cybersecurity controls under CALEA. The agency said the earlier order was misconstrued and unlawful, citing recent engagements with carriers and targeted actions instead of prescriptive mandates. Critics, including FCC Commissioner Anna Gomez and security experts, warn the rollback could leave critical infrastructure more exposed after the Salt Typhoon attacks.
read more →

CISA Urges Critical Infrastructure to Be Air Aware

🛡️ CISA urges critical infrastructure owners and operators to adopt a year‑round approach to managing risks from unmanned aircraft systems (UAS) and highlights its Be Air Aware(TM) campaign. The agency released three new guidance products including Suspicious Unmanned Aircraft System Activity Guidance, Safe Handling Considerations for Downed UAS, and UAS Detection Technology Guidance. CISA also offers regional assessments, exercise design, temporary flight restriction coordination for high‑risk events, and bombing prevention assistance to help organizations detect, mitigate, and respond to UAS incidents.
read more →

CISA Guide: Mitigating Risks from Bulletproof Hosting

🛡️ CISA, with NSA, DoD CyCC, FBI and international partners, released Bulletproof Defense: Mitigating Risks from Bulletproof Hosting Providers to help ISPs and network defenders disrupt abuse by bulletproof hosting (BPH) providers. The guide defines BPH as providers who knowingly lease infrastructure to cybercriminals and outlines practical measures — including curated malicious resource lists, targeted filters, traffic analysis, ASN/IP logging, and intelligence sharing — to reduce malicious activity while minimizing disruption to legitimate users.
read more →

CISA Releases Guide to Combat Bulletproof Hosting Abuse

🔒 CISA, working with U.S. and international partners, published Bulletproof Defense: Mitigating Risks from Bulletproof Hosting Providers to provide ISPs and network defenders with practical guidance to identify, disrupt, and mitigate abuse of bulletproof hosting. Bulletproof hosting enables obfuscation, command-and-control, malware delivery, phishing, and hosting of illicit content that supports ransomware, extortion, and DoS campaigns. The guide recommends traffic analysis, curated high-confidence malicious resource lists with automated reviews, customer notifications and filters, and standards for ISP accountability to reduce BPH effectiveness and strengthen network resilience.
read more →

CISA Releases Guides to Safeguard Infrastructure from UAS

🛡️ CISA released three new Be Air Aware™ guides to help critical infrastructure owners and operators identify and mitigate risks posed by unmanned aircraft systems (UAS). The publications include Unmanned Aircraft System Detection Technology Guidance for Critical Infrastructure, Suspicious Unmanned Aircraft System Activity Guidance for Critical Infrastructure Owners and Operators, and Safe Handling Considerations for Downed Unmanned Aircraft Systems. Developed with government and industry partners, the guides provide practical options to integrate UAS threats into existing security and emergency response plans. CISA encourages organizations to adopt the recommendations to strengthen resilience and align with related directives.
read more →

Energy Sector Targeted by Hackers: Risks, AI & Cooperation

🔒 The energy sector faces a high and growing cyber threat, with attackers targeting OT systems, grid sensors and IoT endpoints to create cascading societal impacts. Critical vulnerabilities — notably in Siemens products — and increasing IT‑OT coupling widen the attack surface. The article stresses the need for end-to-end visibility, AI-driven early warning and anomaly detection, and stronger international cooperation, including NIS 2-aligned practices and active CERT coordination to build resilience.
read more →

Stadtwerke Detmold Hit by Hacker Attack, IT Shutdown

🔒 Stadtwerke Detmold has reported a widespread IT outage following an apparent hacker attack that prompted the operator to take all systems offline. Online services are unavailable and the company cannot be reached by phone or email. The utility says the supply of drinking water, electricity, gas and district heating remains assured, and customers can report technical problems via a hotline. Authorities are investigating the incident and, so far, no ransom demand has been reported.
read more →

Analysis of UNC1549 TTPs Targeting Aerospace & Defense

🔍 This joint analysis from Google Threat Intelligence and Mandiant describes UNC1549 activity observed from late 2023 through 2025 against aerospace, aviation, and defense organizations. The group commonly exploited trusted third‑party relationships, VDI breakouts, and highly targeted spear phishing to gain access, then deployed custom backdoors and tunneling tools to maintain stealth. The report provides IOCs, YARA rules, and detection guidance for Azure and enterprise environments.
read more →

JLR Posts £485m Q2 Losses After September Ransomware Attack

🔒 Jaguar Land Rover reported a £485m ($639m) Q2 loss after a September ransomware attack that halted production at its three UK plants for weeks. The company said the incident generated £196m ($258m) in cyber-related costs, contributing to a 24% year‑on‑year revenue decline to £4.9bn ($6.5bn). JLR set up a loan-backed financing scheme for suppliers and secured government loan guarantees, and confirmed production has now resumed.
read more →

From Military Service to Cybersecurity: Veteran Pathways

🛡️ Fortinet partnered with BCIT, Cyber Catalyst, and Tech Vets Canada to deliver a one-week Industrial Control Systems cybersecurity microcredential intensive for Canadian veterans, providing hands-on labs and practical workshops. Through exercises in network segmentation, access control, and threat detection, participants translated military skills—leadership, discipline, resilience—into cybersecurity capabilities protecting critical infrastructure. The program paired technical training with mentorship, career transition support, and pathways to internships and certification, reflecting Fortinet’s commitment to building a more diverse, skilled cyber workforce.
read more →

Viasat KA-SAT Attack and Satellite Cybersecurity Lessons

🛰️ Cisco Talos revisits the Feb. 24, 2022 KA‑SAT incident where attackers abused a VPN appliance vulnerability to access management systems and deploy the AcidRain wiper. The malware erased modem and router firmware and configs, disrupting satellite communications for many Ukrainian users and unexpectedly severing remote monitoring for ~5,800 German Enercon wind turbines. The piece highlights forensic gaps, links to VPNFilter-era tooling, and the operational choices defenders face when repair or replacement are on the table.
read more →

Critical Flaws in General Industrial Controls Lynx+ Gateway

⚠️ CISA reports multiple high-severity vulnerabilities affecting General Industrial Controls Lynx+ Gateway, including weak password requirements, missing authentication for critical functions, and cleartext transmission of sensitive data. These issues carry CVSS v4 scores up to 9.2 and permit remote exploitation with low attack complexity, potentially enabling unauthorized access, device resets, information disclosure, or denial-of-service. Affected firmware versions include R08, V03, V05, and V18; the findings were disclosed in November 2025. CISA recommends minimizing network exposure, isolating control devices behind firewalls, and using secure remote access methods such as updated VPNs while coordinating with the vendor.
read more →

New UK Cyber Security and Resilience Bill protects services

🔒 The UK introduced the Cyber Security and Resilience Bill on November 12, updating the NIS Regulations 2018 to strengthen protections for hospitals, energy, water and transport. The bill mandates security standards for medium and large managed service providers, requires incident notification to the NCSC and regulators within 24 hours (full reports in 72), and empowers regulators to designate and enforce controls on critical suppliers. It also creates turnover-based penalties and extends coverage to data centers and smart energy systems.
read more →

UK bill tightens cybersecurity for critical infrastructure

🛡️ The UK’s Cyber Security and Resilience Bill would impose mandatory security standards and a 24-hour reporting requirement on operators in healthcare, energy, water, transport and digital services. It updates the NIS 2018 framework and for the first time brings medium and large MSPs and data centres under direct regulatory oversight. Regulators would gain powers to levy turnover-linked penalties and the technology secretary would be able to order emergency mitigations during major cyber incidents.
read more →

November 2025 Patch Tuesday: One Zero-Day, Five Criticals

🔒 Microsoft’s November 2025 Patch Tuesday addresses 63 CVEs, including one actively exploited zero‑day and five Critical vulnerabilities that span Windows, Office, Developer Tools and third‑party products. This release is the first Extended Security Update (ESU) roll‑out for Windows 10 after its October 14 end‑of‑life; ESU enrollment and upgrade to 22H2 are required to receive fixes. CrowdStrike notes elevation of privilege, remote code execution and information disclosure are the leading exploitation techniques this month. Administrators should prioritize the zero‑day and Critical fixes (notably GDI+ and Nuance PowerScribe) and adopt mitigations where patching is delayed.
read more →

Ludwigshafen City Administration Faces Extended IT Outage

🚨 Ludwigshafen's city administration shut down its IT systems on 6 November after monitoring tools flagged serious anomalies, leaving online services and phone and email communications unavailable. A specialist internet-forensics firm was engaged overnight and reported a cyberattack could not be ruled out; officials say indicators have since intensified. There is currently no evidence of citizen data exfiltration, and backups and emergency plans operated as intended while investigations continue.
read more →