#GretaThunberg travelled to the UK today to protest against the explotation of the #Rosebank #oil field, off the coast of #Scotland.
Rosebank is almost 3 times the size of #Cambo - the #oilfield that people coming together have successfully stopped in 2021.

The #UK #parliament has deferred debating the licensing of the #oilrig to after recess, Sept 4th. It is therefore perfect timing now to sign the petition https://www.change.org/p/tell-the-uk-government-to-stop-new-oil-and-gas-fields?redirect=false

Looking down on the dry dock at Kishorn from Sgurr a' Chaorachain the other day.

#oilrig #ScottishHighlands

An ICG helicopter airlifted 11 employees working at an oil rig of a private company, around 50km off the Okha coast in Devbhoomi Dwarka district, and transported them to a safer place, the official said
#CoastGuardAirlifts #PersonnelWorking #OilRig #GujaratCoastAmidCyclone
https://www.news18.com/india/coast-guard-airlifts-11-personnel-working-at-oil-rig-off-gujarat-coast-amid-cyclone-warning-8062435.html

The #Mine

Season 6 Episode 2 "Trapped beneath the Sea: part 2"

#RandomBaywatch #lvdlpx #Baywatch #TrappedBeneathTheSea #Oil #OilRig #Offshore #OffshoreOil #WWII

more #RandomBaywatch pics on: http://mastodon.cloud/tags/RandomBaywatch
.

Referenced link: https://thehackernews.com/2023/02/iranian-oilrig-hackers-using-new.html
Discuss on https://discu.eu/q/https://thehackernews.com/2023/02/iranian-oilrig-hackers-using-new.html

Originally posted by The Hacker News / @TheHackersNews: http://nitter.platypush.tech/TrendMicro/status/1636079820164538372#m

RT by @TheHackersNews: 🚨 Our researchers found #Iranian #OilRig #hackers abusing legitimate, but compromised, email accounts to send stolen data to external accounts controlled by attackers. @TheHackersNews details how government organizations are at risk: https://thehackernews.com/2023/02/iranian-oilrig-hackers-using-new.html

Threat Actor Uses AutoHotKeys and PowerShell for Data Collection

Source: https://thedfirreport.com/2023/02/06/collect-exfiltrate-sleep-repeat/

Targeted Industries: Transportation, Utilities, Financial and Insurance Services, Public Administration, and Information

The DFIR Report's latest incident report details an intrusion they assess was likely conducted by a threat actor tracked by Proofpoint as #TA452. The initial access involved a macro-enabled Word document. The macro creates a directory with the user's name in %AppData% and saves several scripts and one LNK file to this directory. Discovery commands were all executed via PowerShell or built-in Windows utilities. The threat actors dropped an AutoHotkey binary that performed #keylogger functions and executed them by a scheduled task. The threat actors exfiltrated the data collected during discovery to the C2 server via POST requests. The DFIR Report assesses TA452 (#OilRig/#APT34) as the likely threat group behind this intrusion. They base this on observing two Proofpoint ruleset signatures, the custom PowerShell framework, and all activity observed aligns with Tehran local time. However, the time frame of the activity also aligns with Moscow's local time (6:00 AM to 7:00 PM), and other threat groups or cybercriminals could have employed the same tactics, techniques, and procedures (TTPs) as a means of deception to avoid proper attribution.

#CTI #ThreatIntel

This week's wrap-up of infosec news is out, just in time for your morning commute: https://opalsec.substack.com/p/soc-goulash-weekend-wrap-up-4af

#Qakbot have gotten in on the #OneNote action - turns out so too has every other threat actor under the sun.

Iran's #OilRig/#APT34 has been caught in the act, abusing the legitimate Password Filters feature to siphon creds, and exfiltrating them via compromised mail channels.

Some interesting techniques were observed in a recent #SocGholish campaign, including passively enumerating usera through event logs and disabling Restricted Admin mode to enable the theft of creds from memory.

A series of vulnerabilities in the Fortran GoAnywhere MFT file transfer application, QNAP NAS appliances, and VMWare ESXi servers should be top of your list this morning - make sure you're not exposed!

All that and much more, to help you shake off the cobwebs this Monday morning: https://opalsec.substack.com/p/soc-goulash-weekend-wrap-up-4af

#infosec #CyberAttack #cyber #news #cybernews #infosec #infosecnews #informationsecurity #cybersecurity #hacking #security #technology #hacker #vulnerability #vulnerabilities #malware #ransomware #dfir #redteam #soc #threatintel #threatintelligence #vmware #poc

Old God.
#landscape #labdscapephotograhy #firthofforth #arthursseat #scotland #oilrig #decay #beach #shore

Having had some time to think about where I want to take my career next, I've decided I definitely want to throw a #debaucherous #party on an #offshore #oilrig.

Who here on Mastodon can help me achieve this dream?

"A decommissioned oil rig is due to be transformed into an interactive art installation dubbed 'See Monster'."

"Once the project is completed, the 35-metre high platform will feature a waterfall and seated amphitheatre along with a 6,000 piece art installation to give it "scales", and will be covered in grass, plants and trees."

#OilRig

https://news.sky.com/story/old-oil-rig-to-be-transformed-into-see-monster-art-installation-12651433

Large oil rigs docked at harbor on the open sea under dramatic cloudy skies off the coast of Santa Cruz de Tenerife, Tenerife Canary Islands
Komeil Karimi - KNZ_2454
#santacruzdetenerife #tenerife #canaryislands #nature #landscape #ocean #clouds #cloudscape #opensea #ship #oilrig #palmtrees #industrial #harbour #port #visitspain #visittenerife

OilRig APT Drills into Malware Innovation with Unique Backdoor - The RDAT tool uses email as a C2 channel, with attachments that hide data and commands inside imag... more: https://threatpost.com/oilrig-apt-unique-backdoor/157646/ #steganography #helixkitten #c2channel #backdoor #paloalto #malware #oilrig #unit42 #apt34 #email #irán #rdat #apt

Iran-Backed APTs Collaborate on 3-Year ‘Fox Kitten’ Global Spy Campaign - APT34/OilRig and APT33/Elfin have established a highly developed and persistent infrastructure tha... more: https://threatpost.com/iranian-apts-fox-kitten-global-spy-campaign/152974/ #criticalinfratructureespionage #criticalinfrastructure #vulnerabilities #wipermalware #websecurity #cyberattack #spycampaign #government #zerocleare #foxkitten #clearsky #malware #oilrig #hacks #apt33 #apt34 #elfin