Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418)

Cisco has fixed a critical command injection vulnerability (CVE-2024-20418) affecting its Ultra-Reliable Wireless Backhaul (URWB) Access Points that can be exploited via a HTTP requests and allows complete compromise of the devices. There are no workar… Continue reading Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418)

Biden executive order gives Coast Guard added authority over maritime cyber threats

National security officials have been sounding the alarm over a China-linked hacking group that’s been targeting critical infrastructure.

The post Biden executive order gives Coast Guard added authority over maritime cyber threats appeared first on CyberScoop.

Continue reading Biden executive order gives Coast Guard added authority over maritime cyber threats

Maritime Cybersecurity: A Rising Tide Lifts all Boats

Ports and ships — the maritime industry — are vital points in the global supply chain for food, medicine, consumer goods, fuel and many other products. Most of the world’s globally traded goods travel by sea. That’s why maritime security is key for supply chain security. Meanwhile, maritime cybersecurity faces threats at multiple places, including […]

The post Maritime Cybersecurity: A Rising Tide Lifts all Boats appeared first on Security Intelligence.

Continue reading Maritime Cybersecurity: A Rising Tide Lifts all Boats

Cyber threats, passenger vessels and superyachts: The current state of play

In this interview with Help Net Security, Peter Broadhurst, Maritime Senior VP Safety, Security, Yachting and Passenger, Inmarsat, talks about the impact of cyber threats on passenger vessels and superyachts, and provides an inside look at maritime cyb… Continue reading Cyber threats, passenger vessels and superyachts: The current state of play

Navigating the waters of maritime cybersecurity

In January 2021, new International Maritime Organization (IMO) guidelines on maritime cyber risk management went into effect. Around the same time, the U.S. government released a first of its kind National Maritime Cyber Security Plan (NMCP), accompany… Continue reading Navigating the waters of maritime cybersecurity

White House to release maritime cybersecurity update

The National Security Council is planning to issue a cybersecurity update to the U.S. government’s national maritime security strategy Tuesday, multiple senior administration officials tell CyberScoop. The update, which administration officials first teased last September, will prompt federal agencies to develop more streamlined cybersecurity standards for organizations in the maritime transportation system (MTS), which includes seaports, vessel owners and operators and terminal operators, according to administration strategy documents obtained by CyberScoop. The update from the White House also is aimed at promoting more information-sharing on maritime cyberthreats with the private sector, streamlining the information-sharing process and prompting the U.S. government to establish maritime cybersecurity-focused workforce programs. The NSC is releasing the National Maritime Cybersecurity Plan as part of a recognition that there are gaps in U.S. maritime security, officials said. A chief concern is that disruptions to ports and shipping could send shockwaves through the U.S. economy. More directly for […]

The post White House to release maritime cybersecurity update appeared first on CyberScoop.

Continue reading White House to release maritime cybersecurity update

US Army combines fake hacks, natural disaster simulation to test municipal responses

Cybersecurity experts from the U.S. military and the private sector have spent recent weeks working with two American cities to test their ability to respond during a simulated cyberattack layered with several simulated physical disruptions. The virtual exercise, which has feigned malware and ransomware attacks against targets in Charleston, S.C., and Savannah, Ga., over the last several weeks, is aimed at testing participants’ ability to defend against digital threats while simultaneously facing an array of emergency scenarios in the physical realm. While grappling with seeming malicious software attacks, participants also have needed to deal with a fictional cargo ship accident, a flood and the failure of 911 systems. The U.S. Army, alongside private sector and municipal partners, is wrapping up the exercise, known as Jack Voltaic 3.0, this week. By assessing municipal and commercial responses to such blended crises, officials aim to understand and mitigate any shortfalls in response that could impact the U.S. military’s ability to deploy out of […]

The post US Army combines fake hacks, natural disaster simulation to test municipal responses appeared first on CyberScoop.

Continue reading US Army combines fake hacks, natural disaster simulation to test municipal responses

Trump officials hint at update for US maritime cybersecurity

The White House hopes to update U.S. government’s approach to its maritime cybersecurity strategy in coming months, according to two senior administration officials. The Trump administration’s priorities are to enhance and secure the United States’ ability to project power at sea and defend against adversarial cyberattacks, two senior administration officials told reporters during a call Tuesday. The plan involves re-examining the national approach to information sharing and better emphasizing the use of operational technologies in ports, according to one senior administration official. The two officials on the call declined to reveal any specific information about the administration’s plans, saying more information would soon become available. But hackers have long targeted shipping firms and the maritime supply chain to steal data involving the U.S. government or interrupt cargo operations. Hackers using a strain of ransomware known as Ryuk compromised computer networks at a maritime transportation facility last year, disrupting operations for 30 hours, according to the U.S. Coast Guard. Nation-state hackers also have […]

The post Trump officials hint at update for US maritime cybersecurity appeared first on CyberScoop.

Continue reading Trump officials hint at update for US maritime cybersecurity

These tiny islands are at the heart of an uncovered Chinese phishing campaign

Suspected Chinese hackers are behind a phishing campaign apparently aimed at collecting data about Vietnamese government officials amid an ongoing territorial dispute between the two nations, according to new findings. A hacking group known as Pirate Panda, which has possible ties to the Chinese government, is trying to trick Vietnamese government officials into clicking on malicious Microsoft Excel documents attached to emails purportedly detailing festivities for Vietnamese holidays, according to research the threat intelligence firm Anomali shared with CyberScoop. Targeted individuals appear to be located in Da Nang, Vietnam, near a collection of landmasses in the South China Sea known as the Paracel Islands. The area is one of the most hotly contested regions of the South China Sea, with Beijing claiming ownership of much of the waterway. In recent days, Vietnam has said it does not recognize China’s claims over the islands, while China has said that Vietnamese claims […]

The post These tiny islands are at the heart of an uncovered Chinese phishing campaign appeared first on CyberScoop.

Continue reading These tiny islands are at the heart of an uncovered Chinese phishing campaign

Port cybersecurity: Safeguarding operations against cyber attacks

Port stakeholders are facing more and more cybersecurity challenges with the emergence of new threats, regulations and increased digitalization. Major incidents such as ransomware attacks targeting ports had a considerable impact on the economy. As suc… Continue reading Port cybersecurity: Safeguarding operations against cyber attacks