Energy Transfer Partners, a major US natural gas pipeline operator, announced Monday that its operations were being affected by a cyberattack against its electronic data interchange. The interchange, which expedites shipping and billing to customers by machine-to-machine document transfers, is a third-party system provided by Energy Services Group LLC. There's been no attribution; investigation and remediation are continuing. It's worth noting that the attack affects IT systems and not (insofar as is known) OT systems. Energy Transfer Partners says operations will continue during remediation.
The attack, which appears to be the work of criminals and not state espionage services, has reminded many of recent US Government warnings that Russian cyber operators are conducting apparent battlespace preparation of US infrastructure. Russian Foreign Minister Lavrov for his part thinks US-Russian relations are worse than they were during the Cold War.
Flashpoint reports that e-commerce sites running on the popular open-source Magento platform are undergoing brute-force attacks designed to scrape credentials and then install cryptocurrency-mining malware. Flashpoint says its researchers know of at least 1,000 Magento admin panels the attackers have compromised, and they say dark web operators have shown a strong interest in Magento since 2016.
Trustlook researchers have identified a new Android Trojan designed to take data from Skype, Facebook Messenger, and other instant messaging services.
Zscaler warns that njRAT has been updated with ransomware and cryptocurrency-stealing capabilities.
Panera Bread is receiving poor reviews for the security of its online ordering system in the wake of the data breach disclosed yesterday.