U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Threat actors breached the network of the Italian oil company ENI

Italian oil giant Eni was hit by a cyber attack, attackers compromised its computer networks, but the consequences appear to be minor. Italian oil giant company Eni disclosed a security breach, threat actors gained access to its network, but according to the company the intrusion had minor consequences because it was quickly detected. “The internal […]

ENI

Italian oil giant Eni was hit by a cyber attack, attackers compromised its computer networks, but the consequences appear to be minor.

Italian oil giant company Eni disclosed a security breach, threat actors gained access to its network, but according to the company the intrusion had minor consequences because it was quickly detected.

“The internal protection systems have detected unauthorized access to the corporate network in recent days,” a spokesperson for the company told Reuters in response to a query.

ENI

The company reported the incident to the Italian authorities which launched an investigation to determine the extend of the attack.

Bloomberg News first reported the news of the attack on Wednesday, speculating that Eni appeared to have been hit by a ransomware attack.

“Eni confirms that the internal protection systems have detected unauthorized access to the company network in recent days,” a company spokesman said, in response to a query from Bloomberg News.

Without technical details about the attack it is not possible at this time to determine how attackers breached the company, their motivation and attribute the intrusion to a specific threat actor.

People familiar with the situation said Eni appeared to be hit by a ransomware attack. Ransomware is a type of malware that locks computers and blocks access to files in lieu of a payment. It’s not clear who was responsible for the breach.

The Italian energy sector appears to be under attack, over the weekend, Italy’s energy agency Gestore dei Servizi Energetici SpA was hit by a cyber attack. GSE is the government agency that operates the Italian electricity market.

The website of the GSE is still down, and people familiar with the matter told Bloomberg that the company infrastructure was compromised with an impact on the agency’s operations.

A major risk of breaches of utilities and other critical infrastructure operators is that hacks of their IT systems can lead to disruptions of operational systems that provide electricity, water and other services to end users, even if the hackers never actually touch that sensitive equipment. Last year, Alpharetta, Georgia-based Colonial Pipeline Co. shut the largest fuel pipeline in the US after a ransomware attack crippled its IT systems, and in February, Hamburg, Germany-based oil trader Mabanaft said it was the victim of a cyberattack that disrupted the delivery of fuels across Germany.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, ENI)

[adrotate banner=”5″]

[adrotate banner=”13″]