On Thursday, May 6, Colonial Pipeline, which operates a pipeline that delivers gasoline and jet fuel to nearly 45 percent of the U.S. East Coast, fell victim to a ransomware attack. The attack took over 100 gigabytes of data hostage, causing the company to halt all pipeline operations and shut down several of its systems. The attackers, identified as a criminal gang known as DarkSide, threatened to leak proprietary information unless a ransom is paid.

Over the weekend, the Alpharetta-based Colonial Pipeline was hit by an extensive ransomware attack that shut down its information technology (IT) and industrial operational technology (OT) systems. Simply put, an all-too-common ransomware event targeting IT systems encouraged a voluntary shutdown on the production side (OT) of the business to prevent further exposure. Colonial Pipeline is responsible for 45% of the gasoline, diesel fuel and natural gas transported from Texas to New Jersey.

Attack vectors are defined as the means or paths by which hackers gain access to computers remotely with malicious intentions such as delivering payloads or carrying out other harmful activities. Some common ones are malware, social engineering, phishing and remote exploits.

The US Defense Department and third-party military contractors are being advised to strengthen the security of their operational technology (OT) in the wake of security breaches, such as the SolarWinds supply chain attack.

In our recent webinar, Netacea’s Head of Threat Research, Matthew Gracey-McMinn, and Enterprise Sales Manager for Travel and Tourism, Graeme Harvey, were joined by Director of Spike Digital, Duncan Colman, to delve into the top bots and cybersecurity threats set to target the travel industry in 2021.

Open source helps developers build faster. But who’s making sure these open source dependencies (sometimes years out of development) stay secure? In a recent npm security research activity, Snyk uncovered a total of 8 npm packages which matched a specific malicious code vector of attack. This specific attack vector of the malicious packages included packages which had pre/post install scripts, which allowed them to run arbitrary commands when installed.

Another day, another supply chain attack. No sooner did we recover from the SolarWinds breach, than we found ourselves reeling from a new ClickStudio attack. That’s why we’ve decided to launch this new series, fondly named The Source, to provide you with the latest news and updates on supply chain security. On this installment of ‘The Source’, get to know the red hot supply chain attack methods du jour.

Your brand is the image your customers have of your business; this is precisely what makes your brand into such a valuable asset. It’s no surprise that brand presence is increasingly shifting into the digital realm. And while digital transformation brings with it a whole new world of possibilities, the digitization of the brand also introduces new risks.

The trove of 1.3 million RDP credentials leaked recently is yet again proof that, In the underground economy, initial access brokerage is a flourishing market. Cybercriminals are outsourcing the initial access stage of the attack, so they can better focus on the execution and act more quickly.

In December 2020, the world discovered that the SolarWinds’ Orion Platform had been compromised by cybercriminals, potentially affecting thousands of businesses the world over. Security groups such as the National Cyber Security Centre (NCSC) provided advice and guidance to security teams and IT companies on what actions they should take to minimize the impact on them and their customers.