CYBER NEWS UPDATE #63

This podcast will give you a summary of the latest news related to cyber intelligence and proactive cybersecurity in only a few minutes.

The podcast is aimed at professionals who are short on time, or at anyone who would like to know a bit more about what is REALLY happening out there in the cyber world.

The focus of this podcast will be on the latest cyber events for non-technical people; anyone can listen and understand.

One of the USA’s largest pipelines, which carries refined gasoline and jet fuel from Texas up the East Coast to New York, was forced to shut down after being hit by ransomware in a vivid demonstration of the vulnerability of energy infrastructure to cyberattacks.

The operator of the system, Colonial Pipeline, had shut down its 5,500 miles of pipeline, which it says carries 45 percent of the East Coast’s fuel supplies, in an effort to contain the breach.

Colonial Pipeline acknowledged that its corporate computer networks had been hit by a ransomware attack, in which criminal groups hold data hostage until the victim pays a ransom. The company said it had shut the pipeline itself, as a precautionary act, apparently for fear that the hackers might have obtained information that would enable them to attack susceptible parts of the pipeline.

Commercial pipelines are continuously targeted by hackers as they have many controllers that are connected online in order to monitor and control systems remotely.

If attackers gain control of such an industrial system, they will, in theory, be able to open different valves and cause flooding and physical malfunction of expensive equipment.

Cyber Threat Intelligence is a great example of how new cybersecurity services can complement the existing traditional security measures.

By using CTI (a.k.a. Cyber Threat Intelligence), organizations can use intelligence infrastructure providers such as Nucleon Cyber to deploy an extensive intelligence network that enables them to deal with cyber threats proactively and reduce their security exposure dramatically.



An incident that happened a while ago and is worth mentioning is a leak of potentially sensitive information from the Washington, D.C. police department, which was allegedly breached in a ransomware attack by a group seeking a payout.

A group called Babuk claimed to be behind the attack. In a post made on its website, the group threatened to release information pulled from the department’s systems if they were not paid an undisclosed amount.

Screenshots of alleged arrest records and internal memos were posted on Babuk’s website and re-shared online. As far as is known, sensitive information was not revealed.

Babuk is a ransomware threat discovered in 2021 that has impacted at least five big enterprises before, with one already paying the criminals $85,000 after negotiations.

As with other variants, this ransomware is deployed in the network of enterprises that the criminals carefully target and compromise.

The security firm McAfee was able to plot the telemetry of targets, revealing that the group is currently targeting the transportation, healthcare, plastic, electronics, and agricultural sectors across multiple geographies.

Surprisingly, a few days after the exploit, the hacker group published a post saying goodbye and that they’re hanging up their spurs. But they promised to sell the source code of their malware or release it as open source, so more people can use it!



This week we chose to focus on recent attacks that were done using different phishing techniques.

Ransomware attacks are here to stay, and organizations need to reinforce themselves with good cyber intelligence and abilities in order to block the most dangerous attackers.

Organizations with good security systems are able to proactively block attackers whether they are famous or not.

Using intelligence, the organization will block the root identifiers of the threats, enabling it to block even 0-day threats that no one knows about.


That’s it for this podcast, stay safe and see you in the next podcast.

Don’t forget to visit www.nucleon.sh for the latest podcasts on cyber intelligence.
