Saturday Security: Threat Actors Are Targeting Fuel Tank Gauges

 

This week's story is a reminder that any connected device can become a cyber target — even something as unglamorous as a fuel gauge. CISA, the FBI, and the NSA are all warning that attackers are actively targeting internet-exposed automatic tank gauges — the systems used to monitor fuel and chemical storage tanks at gas stations, airports, military installations, and industrial facilities. If compromised, attackers could manipulate fuel readings, disable safety alerts, or interfere with critical safety systems — with potentially dangerous real-world consequences. The good news? Exposed devices have dropped significantly — from nearly 6,000 a decade ago to just under 1,000 today. Progress, but still too many. This week's big takeaway: If it doesn't need to be on the internet — don't put it there. We've been saying this for 25 years and it still needs repeating. Sometimes the biggest cyber risks are hiding in the equipment nobody thinks about. 🗓️ Week ending June 6th, 2026 👤 Hosted by Peter https://www.darkreading.com/cyberattacks-data-breaches/exposed-fuel-tank-gauges-attack-us

Saturday Security: FBI Warns Breaches Are Showing Up In Person

 

Not every breach starts with malware — and this week's story is a reminder of that in a big way. The FBI is warning that Silent Ransom Group — also known as Luna Moth and Chatty Spider — is actively targeting U.S. law firms and other industries using a surprisingly low-tech playbook. This group impersonates IT support through phone calls, phishing emails, and in some cases physically showing up in person posing as technicians. No ransomware. No encryption. Instead they use legitimate tools to quietly steal data — then demand millions in ransom, threatening to leak sensitive client information if they don't get paid. Law firms are a prime target because of the weight of confidential client data and the enormous pressure to protect attorney-client privilege. One breach can be catastrophic. This week's big takeaway: IT security isn't just about firewalls anymore. Verify IT requests. Authenticate visitors. Trust but verify. It's essentially zero trust applied to the physical world. https://www.ic3.gov/CSA/2026/260526.pdf 🗓️ Saturday Security for the Week ending May 30th, 2026 👤 Hosted by Peter

Saturday Security: ShinyHunters Turns Slurpees Into Cyber Headlines

 The same threat actor group that breached Canvas LMS is back — and this time they've made their way into the Slurpee business.

7-Eleven has confirmed a cybersecurity breach after the Shiny Hunters extortion group claimed it stole more than 600,000 records tied to franchise operations and Salesforce-connected systems. This wasn't a physical stickup — attackers reportedly used phishing and voice-based social engineering to access employee accounts, compromising contracts, financial records, identity documents, and operational data after ransom talks allegedly failed. A 9 gigabyte archive of stolen files was reportedly leaked online. This week's big takeaway: Franchise and partner ecosystems are becoming prime cyber targets. When cloud platforms centralize business data across vendors and contractors, one single compromise can ripple through an entire network — affecting everyone connected to that system. https://nationalcioreview.com/articles-insights/extra-bytes/7-eleven-breach-exposes-the-security-risks-inside-franchise-networks/ 🗓️ Week ending May 23rd, 2026

Saturday Security: Canvas LMS Breached Twice by ShinyHunters

 

One of the most widely used education platforms in the world is at the center of a major cybersecurity incident. The Shiny Hunters hacking group breached Canvas — the learning management system used by thousands of schools globally — twice, disrupting login pages during finals week and stealing over 3.5 terabytes of sensitive student and school data. The stolen information reportedly includes names, emails, student IDs, and even private teacher-student-parent messages. The company behind Canvas has confirmed it reached an agreement with the hackers — widely believed to involve a ransom payment in exchange for the data being returned and supposedly deleted. Security experts are clear: there is never a guarantee that criminals actually destroy stolen data after a ransom is paid. This week's big takeaway: Education platforms now centralize enormous amounts of sensitive personal data — including information tied to minors — making schools and cloud-based learning platforms prime targets for cybercriminals. https://www.darkreading.com/cyberattacks-data-breaches/shinyhunters-second-attack-instructure https://www.reuters.com/legal/litigation/canvas-parent-company-reaches-agreement-with-hacking-group-behind-recent-breach-2026-05-12/ 🗓️ Week ending May 16th, 2026

Saturday Security: The Rise of Digital Cargo Heists

 Cargo theft has gone digital — and it's costing billions. Cybercriminal groups are no longer just breaking into trucks. They're hacking, impersonating, and social engineering their way into the supply chain, convincing companies to hand over shipments willingly.

The FBI reports cargo theft losses in the US and Canada jumped to roughly $725 million last year — with attackers using phishing, fake broker accounts, spoofed GPS systems, and compromised logistics software to reroute shipments without ever touching a warehouse door. The scariest part? Many of these operations are run overseas like legitimate businesses — complete with fake identities, fraudulent shipping bids, and sophisticated social engineering campaigns. This week's takeaway: Your supply chain is now a cyber target. If attackers can compromise communications and trust, they can redirect physical goods without ever setting foot near your facility. https://www.darkreading.com/cyber-risk/physical-cargo-theft-cybercriminals 🗓️ Week ending May 9th, 2026

Saturday Security: Adversaries Are Already Targeting the 2026 Midterms

 

Ballot notices are already arriving in California mailboxes ahead of the 2026 primaries — and foreign adversaries are taking notice too. This week, the head of U.S. Cyber Command and the NSA warned that interference in the 2026 midterm elections is not just possible, it's expected. Since 2016, election cycles have become prime targets — not just for hacking, but for disinformation and phishing campaigns. We also look at questions surrounding the Election Security Group and whether the task force coordinating CISA and the FBI has been fully reestablished. The big takeaway: election security has expanded well beyond voting infrastructure. Campaigns, vendors, media, and communication platforms are all now in scope. If bad actors can compromise people and information, they don't need to break into systems to shape outcomes. Stay informed. Stay secure. https://securityboulevard.com/2026/04/cyber-command-and-nsa-chief-warns-foreign-adversaries-likely-to-target-midterms/ #election2026 #electionsecurity

Saturday Security: Scattered Spider Member Pleads Guilty After $8M Phishing Spree

 

We’ve covered Scattered Spider a few times—and now there’s a major update. A key member, Tyler Robert Buchanan, has pleaded guilty in a California federal court, closing the loop on a global phishing campaign that hit 130+ companies. By impersonating IT help desks with SMS phishing, attackers tricked employees into fake login pages—stealing credentials and gaining access. Targets included Twilio and Cloudflare, with losses totaling at least $8 million in cryptocurrency. But here’s the bigger issue: Groups like Scattered Spider are decentralized, fast-moving, and constantly recruiting. Your help desk is now a primary attack surface. If users can’t spot a fake IT message, attackers don’t need to hack in… they just log in. I’m Peter Silva — your Saturday Security Story. Like, subscribe, and share. https://www.databreachtoday.com/scattered-spider-hacker-pleads-guilty-in-us-federal-court-a-31459