India’s Union Power Minister RK Singh has said that October’s blackouts in Mumbai were the result of human error, and not cybersabotage, the Times of India reports. He did confirm that there were attacks on load dispatch centers, but these were successfully contained and caused no outages. Against the background of Recorded Future’s report on RedEcho, Singh resisted offering attribution for the attempts, saying "We don't have evidence to say that the cyberattacks were carried out by China or Pakistan. Some people say that the group behind the attacks is Chinese but we don't have evidence. China will definitely deny it."
CISA yesterday afternoon issued Emergency Directive 21-02, requiring US Federal civilian agencies to take immediate action to remediate the Microsoft Exchange on-premises product vulnerabilities currently under active exploitation. Agencies are directed to report completion by noon tomorrow. Microsoft has attributed the exploitation campaign to a Chinese government threat actor it tracks as Hafnium.
The Accellion supply chain compromise has found its way into a security company’s operation. Qualys disclosed yesterday that it had deployed Accellion’s FTA server “in a segregated DMZ environment” as part of its customer support system. Investigation continues, but Qualys is confident that the incident was contained without “any operational impact.”
Two current trends in social engineering are worth noting. Agari finds that capital call scams are growing more common in business email compromise attempts. And the pandemic is still with us, and so too, Barracuda Networks reports, are scams using COVID-19 vaccine information as phishbait.