All news with #outage tag

Blue Locker Ransomware Targets Critical Infrastructure

🔒 Pakistan Petroleum Limited (PPL) was struck by the Blue Locker ransomware, detected on 6 August, which appends a .blue extension to encrypted files and has reported deletion of backups and theft of some business and employee data. The incident encrypted servers and disrupted financial operations while recovery work proceeded in a phased manner. Pakistan's NCERT issued a high alert to 39 key ministries and institutions and warned of multiple distribution vectors. Organisations, especially critical infrastructure operators, are urged to verify and isolate backups, implement network segmentation and enhanced monitoring, and engage incident response and forensic teams as needed.

Mitsubishi MELSEC iQ-F CPU Module Denial-of-Service

🔒 CISA published Advisory ICSA-25-233-01 on August 21, 2025 describing a Denial-of-Service vulnerability (CVE-2025-5514, CVSS v3 5.3) in the Mitsubishi Electric MELSEC iQ-F Series CPU module web server. An attacker can send specially crafted HTTP requests that exploit an Improper Handling of Length Parameter Inconsistency to delay processing and prevent legitimate users from accessing the web server. Mitsubishi Electric reports no plans to release a fix and advises customers to restrict network exposure, use IP filtering and VPNs, and limit physical access. CISA recommends isolating control networks behind firewalls and minimizing internet exposure.

Warlock Ransomware: Emerging Threat Targeting Services

⚠️ Warlock is a ransomware operation that emerged in 2025 and uses double extortion — encrypting systems and threatening to publish stolen data to coerce payment. The group has targeted government agencies and critical service providers across Europe, and on August 12 a cyber incident disrupted UK telecom Colt Technology Services, with an alleged auction of one million stolen documents. Security analysts link recent intrusions to exploitation of the SharePoint vulnerability CVE-2025-53770, which Microsoft says is actively exploited; Microsoft has published analysis and urges immediate patching. Recommended mitigations include enforcing multi‑factor authentication, keeping security tools and software patched, maintaining secure off‑site backups, reducing attack surface, encrypting sensitive data, and educating staff on phishing and social engineering.

Oregon Man Charged Over Rapper Bot DDoS Service Probe

🔒 Federal agents arrested 22‑year‑old Ethan J. Foltz of Springfield, Ore., on Aug. 6, 2025, on suspicion of operating Rapper Bot, a global IoT botnet rented to extortionists for DDoS attacks. The complaint alleges Rapper Bot routinely generated attacks exceeding 2 terabits per second and at times surpassed 6 Tbps, including an attack tied to intermittent outages on Twitter/X. Investigators traced control infrastructure and payments through an ISP subpoena, PayPal records and Google data, recovered Telegram chats with a co‑conspirator known as 'Slaykings,' and say Foltz wiped logs regularly to hinder attribution. He faces one count of aiding and abetting computer intrusions, carrying a maximum statutory term of 10 years.

Dutch prosecution hack disables multiple speed cameras

⚠️ The Netherlands' Public Prosecution Service (Openbaar Ministerie) disconnected its networks on July 17 after suspecting attackers had exploited Citrix device vulnerabilities, leaving several fixed, average and portable speed cameras unable to record offences. Internal email remained available, but external communications and documents required printing and postal delivery. Regulators including the National Cybersecurity Centre were informed, and prosecutors warned that ongoing downtime will delay cases and hamper road-safety enforcement while systems remain offline.

CISA Marks Emergency Communications Month 2025: Resilience

📣 The Cybersecurity and Infrastructure Security Agency (CISA) proclaims April 2025 as Emergency Communications Month to honor emergency responders and promote secure, interoperable communications. The campaign centers on being “Resilient Together” and urges critical infrastructure organizations to enroll in free priority services such as GETS and WPS to preserve connectivity during outages caused by weather, cyber incidents, or human error. CISA emphasizes strategic partnerships across federal, state, local, tribal, and territorial stakeholders to protect the emergency communications ecosystem and strengthen community preparedness.