All news with #critical infrastructure tag

🔐 Ukraine's Defence Intelligence agency (HUR) says its hackers exfiltrated classified files and technical documentation related to the newly commissioned Russian nuclear ballistic missile submarine Knyaz Pozharsky. Leaked materials, posted on Telegram, reportedly include combat manuals, schematics of combat and survivability systems, crew lists with qualifications, and operational schedules. Russian authorities have not commented and independent verification by Western intelligence or cybersecurity experts is still pending.

⚠️CISA issued an alert on a high-severity vulnerability affecting on-premise Microsoft Exchange servers disclosed today. The agency is actively monitoring and coordinating mitigation with Microsoft and government and industry partners to assess scope and impact. Organizations are strongly urged to implement Microsoft guidance immediately to reduce risk and protect critical infrastructure.

🔐 CISA and FEMA announced the availability of more than $100 million in grant funding to bolster state, local, and tribal cybersecurity capabilities. The FY2025 Notice of Funding Opportunity includes the State and Local Cybersecurity Grant Program (SLCGP) with $91.7 million and the Tribal Cybersecurity Grant Program (TCGP) with $12.1 million. Awards may support planning, exercises, hiring cybersecurity experts, network hardening, and improvements to services provided to citizens. Applicants should consult CISA application resources to prepare proposals.

🔓 On September 27, 2017, UpGuard researcher Chris Vickery discovered an Amazon S3 bucket at the AWS subdomain "inscom" that was publicly accessible and contained 47 entries with three downloadable files. One download, an .ova virtual appliance named "ssdev," included a virtual hard drive with partitions and metadata labeled Top Secret and NOFORN. The exposed assets also contained private keys, hashed passwords, a ReadMe referencing the Pentagon cloud project Red Disk, and a classification-training snapshot. UpGuard notified INSCOM and the repository was promptly secured.

⚠️ The UpGuard Cyber Risk Team discovered a publicly accessible rsync repository belonging to Texas-based Power Quality Engineering (PQE) that exposed sensitive electrical infrastructure data for clients including Dell, Oracle, and Texas Instruments. Up to 205 GB of reports, schematics, infrared imagery and a plaintext file of internal passwords were downloadable. The exposure, discovered on July 6, 2017 and remediated after notification, illustrates vendor risk and misconfigured services. Recommended mitigations included restricting rsync access, enforcing authentication and network ACLs, and implementing continuous vendor monitoring.

🔒 UpGuard secured a 1.7 TB repository that had been publicly accessible via an rsync server, containing schematics, administrative credentials, email archives, photographs, and installation materials tied to Russian telecommunications infrastructure. The dataset appears to primarily implicate Nokia and MTS, and includes detailed documentation for the SORM lawful-intercept system. UpGuard notified vendors and regulators and the files were taken offline after disclosure, though the exposure presented serious national security risks.

📢 CISA, in partnership with SAFECOM and NCSWIC, released an updated Emergency Communications System Lifecycle Planning Guide and companion Lifecycle Planning Tool on July 2, 2025. The suite refreshes the 2011 and 2018 materials and incorporates public safety practitioners' experiences to inform system build, maintenance, operation, decommission, and replacement decisions. The Lifecycle Guide offers recommendations and the Lifecycle Planning Tool provides checklists for each lifecycle phase. Resources and funding guidance are aligned to help jurisdictions plan technology upgrades.

⚠️ UpGuard discovered a public rsync repository exposing data from Power Quality Engineering (PQE), including client inspection reports, infrared imagery and plaintext internal passwords. The July 2017 exposure allowed downloads of hundreds of gigabytes via port 873 and revealed schematics for clients such as Dell, Oracle, Texas Instruments, and the City of Austin, including a SCIF layout. PQE secured the server after notification; the incident highlights the large risk of simple misconfigurations and third‑party vendor failures.