Colonial Pipeline

Robin’s Newsletter #334

Okta auth bypass for long usernames. Copyright infringement notices used to drop infostealers. Schneider Electric attacker wants payment in baguettes.

Robin’s Newsletter #204

Costa Rica declares state of emergency over ransomware incidents. Civil penalties proposed for Colonial Pipeline over safety breaches.

Robin’s Newsletter #155

The U.S. continues beef with Russian ransomware gangs. Colonial Pipeline was result of compromised creds. FireEye to divest name, products business.

Robin’s Newsletter #152

All the stats: it's DBIR time. Colonial Pipeline paid ransom, restored service and DarkSide disappeared. Being better at security engagement.

Robin’s Newsletter #151

Responsible cyber power. Colonial Pipline shut down due to ransomware. Injecting malware C2 into legitimate traffic. Authentication using a severed thumb.