AOC
Company Details
Linkedin ID:
alliance-oil-company
Website:
Employees number:
41
Number of followers:
0
NAICS:
211
Industry Type:
Homepage:
allianceoilco.com
IP Addresses:
0
Company ID:
ALL_7404422
Scan Status:
In-progress
Alliance Oil Company Company CyberSecurity Posture
allianceoilco.com
Alliance Oil Company Ltd is a leading independent oil and gas company with vertically integrated operations in Russia and Kazakhstan. Alliance Oil has substantial oil and gas reserves and downstream operations that includes the Khabarovsk refinery and the leading network of gas stations and wholesale oil products terminals in the Russian Far East. Alliance Oil's depository receipts are traded on the NASDAQ OMX Nordic under the symbol AOIL.
Alliance Oil Company A.I CyberSecurity Scoring
AOC Risk Score (AI oriented)Between 700 and 749
AOC
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
AOC Global Score (TPRM)XXXX
AOC
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
AOC Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Alliance Oil Company: Research detects espionage foothold while investigating ransomware intrusion
Ransomware
Rankiteo Explanation
Attack threatening the organization's existence
Description: While ransomware attacks are typically disastrous for the victimized organizations, in some unusual cases, they can inadvertently lead to positive outcomes—at least in terms of uncovering hidden vulnerabilities and malicious activities. A striking example of this occurred in a recent data breach involving a Russian business, which was detailed in a report published by Positive Technologies (PT), a Moscow-based cybersecurity firm. The findings of this report have brought to light the intricate web of cyberattacks targeting the company and raise significant questions about the nature of global cyber threats. The Unfolding of the Incident: Ransomware Meets Espionage The incident began several months ago, when threat researchers at Positive Technologies discovered that Thor, a cybercriminal group backed by notorious ransomware operations LockBit and Babuk, had infiltrated the servers of a Russian energy company. Upon closer inspection, it became clear that the ransomware attack was not the only malicious activity underway. As researchers dug deeper into the breach, they unearthed a more surprising discovery: the presence of KrustyLoader, a sophisticated espionage malware deployed by a Chinese-based cyber actor known as QuietCrabs. The KrustyLoader malware was found to have been residing undetected within the company’s systems for an extended period, with a dwell time—the amount of time the malware remains hidden on a compromised system—of approximately 393 days. This malware,
AOC Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for AOC
Incidents vs Oil and Gas Industry Average (This Year)
Alliance Oil Company has 23.46% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
Alliance Oil Company has 56.25% more incidents than the average of all companies with at least one recorded incident.
Incident Types AOC vs Oil and Gas Industry Avg (This Year)
Alliance Oil Company reported 1 incidents this year: 0 cyber attacks, 1 ransomware, 0 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.
Incident History — AOC (X = Date, Y = Severity)
AOC cyber incidents detection timeline including parent company and subsidiaries
AOC Company Subsidiaries
Alliance Oil Company Ltd is a leading independent oil and gas company with vertically integrated operations in Russia and Kazakhstan. Alliance Oil has substantial oil and gas reserves and downstream operations that includes the Khabarovsk refinery and the leading network of gas stations and wholesale oil products terminals in the Russian Far East. Alliance Oil's depository receipts are traded on the NASDAQ OMX Nordic under the symbol AOIL.
Loading...
AOC Similar Companies
Ecopetrol
Ecopetrol (NYSE: EC) es la compañía más grande en Colombia y uno de los principales grupos de energía de Latinoamérica. Cuenta con más de 18.000 empleados y es responsable del 60% de la producción de hidrocarburos en Colombia. Es propietaria de las dos refinerías del Colombia y de la gran parte de l
Equinor
We're Equinor, an international energy company with a proud history. Formerly Statoil, we are 20,000 committed colleagues developing oil, gas, wind and solar energy in more than 30 countries worldwide. We’re the largest operator in Norway, among the world’s largest offshore operators, and a growing
AREVA NP
On 04 January 2018, AREVA NP, became Framatome, a designer, supplier and installer of nuclear steam supply systems. Framatome contributes to the design of power plants, supplies the nuclear steam supply system, designs and manufactures components and fuels, integrates the instrumentation and control
Petrobras
Nosso propósito é prover energia que assegure prosperidade de forma ética, justa, segura e competitiva. Queremos ser a melhor empresa diversificada e integrada de energia na geração de valor, construindo um mundo mais sustentável, conciliando o foco em óleo e gás com a diversificação em negócios de
Shell is a global group of energy and petrochemical companies, employing 103,000 people and with operations in more than 70 countries. We serve more than 1 million commercial and industrial customers, and around 33 million customers daily at more than 47,000 Shell-branded retail service stations. O
PETRONAS
Petroliam Nasional Berhad (PETRONAS) is a leading global energy company committed to powering society’s progress in a responsible and sustainable manner. With close to 50,000 employees and a global reach spanning over 100 countries, we are ranked among the world’s largest corporations by revenue in
PDVSA Petróleos de Venezuela S.A.
Petróleos de Venezuela S.A. is a Venezuelan state company, began operations on January 1st, 1976 and whose activities are the oil exploration, production, refining, marketing and transportation of Venezuelan oil as well as the orimulsion, chemical, petrochemical businesses and coal. We have the lar
PETROVIETNAM
Petrovietnam’s business - Core business: + Exploration, Production, Refinery, Petrochemicals, Storage, Transportation and Service in Petroleum Field; + Importing and Exporting petroleum materials, equipment and productions; + Distributing oil and gas products and hydrocarbon materi
Suncor
In 1967, we pioneered commercial development of Canada's oil sands – one of the largest petroleum resource basins in the world. Since then, Suncor has grown to become a globally competitive integrated energy company with a balanced portfolio of high-quality assets, a strong balance sheet and signifi
.png)
AOC CyberSecurity News
December 01, 2025 08:26 PM
Coro and C&W business seal a strategic cybersecurity alliance to protect SMEs
This alliance allows Panamanian companies to access Coro's cybersecurity solutions directly through C&W Business Panamá, with flexible...
November 20, 2025 03:00 PM
Adistec and Fortra announce Strategic Partnership to Accelerate Cybersecurity Growth Across Latin America
PRNewswire/ -- Adistec, a leading value-added distributor with 20+ years of experience developing IT channels across Latin America,...
October 31, 2025 07:00 AM
Robert Rapier on Oil, Small Modular Reactors, and the New Energy-Data Alliance
October 31, 2025 – Curious about the future of energy, small modular reactors, and the impact of AI on utilities? Energy expert Robert Rapier joins...
October 27, 2025 07:00 AM
Sword Joins ISA Global Cybersecurity Alliance and ISASecure to Advance Adoption of ISA/IEC 62443 Standards
PRNewswire/ -- The International Society of Automation (ISA) — the leading professional society for automation — announced that Sword has...
October 25, 2025 07:00 AM
Why Quantum eMotion (TSXV:QNC) Is Up 36.0% After Quantum Cybersecurity Alliance for Energy and Defence Systems And What's Next
Quantum eMotion Corp., alongside Energy Plug Technologies and Malahat Battery Technology, announced the signing of a Joint Development...
October 14, 2025 07:00 AM
E&E News: BLM schedules Colorado oil and gas lease sale
ENERGYWIRE | The Bureau of Land Management plans to open up more than 50,000 acres of public land in Colorado to oil and gas developers in...
October 14, 2025 07:00 AM
Midland marks Cybersecurity Awareness Month by honoring IT department
Midland honored IT chief Gorgees Eskander's team for Cybersecurity Awareness Month after helping cities recover from cyberattacks.
October 14, 2025 07:00 AM
Global Hotel Alliance reveals two big hires
Global Hotel Alliance has announced two senior leadership appointments with Steve Ayalo promoted to Vice President IT Governance,...
September 10, 2025 07:00 AM
Deloitte and Datamount announce strategic alliance at COMEX Oman 2025 to advance cybersecurity capabilities across Oman
The new MoU positions Deloitte as the strategic cybersecurity partner powering Datamount's managed security services in line with Oman...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
AOC CyberSecurity History Information
Official Website of Alliance Oil Company
The official website of Alliance Oil Company is http://www.allianceoilco.com.
Alliance Oil Company’s AI-Generated Cybersecurity Score
According to Rankiteo, Alliance Oil Company’s AI-generated cybersecurity score is 739, reflecting their Moderate security posture.
How many security badges does Alliance Oil Company’ have ?
According to Rankiteo, Alliance Oil Company currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Alliance Oil Company have SOC 2 Type 1 certification ?
According to Rankiteo, Alliance Oil Company is not certified under SOC 2 Type 1.
Does Alliance Oil Company have SOC 2 Type 2 certification ?
According to Rankiteo, Alliance Oil Company does not hold a SOC 2 Type 2 certification.
Does Alliance Oil Company comply with GDPR ?
According to Rankiteo, Alliance Oil Company is not listed as GDPR compliant.
Does Alliance Oil Company have PCI DSS certification ?
According to Rankiteo, Alliance Oil Company does not currently maintain PCI DSS compliance.
Does Alliance Oil Company comply with HIPAA ?
According to Rankiteo, Alliance Oil Company is not compliant with HIPAA regulations.
Does Alliance Oil Company have ISO 27001 certification ?
According to Rankiteo,Alliance Oil Company is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Alliance Oil Company
Alliance Oil Company operates primarily in the Oil and Gas industry.
Number of Employees at Alliance Oil Company
Alliance Oil Company employs approximately 41 people worldwide.
Subsidiaries Owned by Alliance Oil Company
Alliance Oil Company presently has no subsidiaries across any sectors.
Alliance Oil Company’s LinkedIn Followers
Alliance Oil Company’s official LinkedIn profile has approximately 0 followers.
NAICS Classification of Alliance Oil Company
Alliance Oil Company is classified under the NAICS code 211, which corresponds to Oil and Gas Extraction.
Alliance Oil Company’s Presence on Crunchbase
No, Alliance Oil Company does not have a profile on Crunchbase.
Alliance Oil Company’s Presence on LinkedIn
Yes, Alliance Oil Company maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/alliance-oil-company.
Cybersecurity Incidents Involving Alliance Oil Company
As of December 02, 2025, Rankiteo reports that Alliance Oil Company has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Alliance Oil Company has an estimated 10,461 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Alliance Oil Company ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.11.1, vllm has a critical remote code execution vector in a config class named Nemotron_Nano_VL_Config. When vllm loads a model config that contains an auto_map entry, the config class resolves that mapping with get_class_from_dynamic_module(...) and immediately instantiates the returned class. This fetches and executes Python from the remote repository referenced in the auto_map string. Crucially, this happens even when the caller explicitly sets trust_remote_code=False in vllm.transformers_utils.config.get_config. In practice, an attacker can publish a benign-looking frontend repo whose config.json points via auto_map to a separate malicious backend repo; loading the frontend will silently run the backend’s code on the victim host. This vulnerability is fixed in 0.11.1.
Risk Information
cvss3
Base: 7.1
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Description
fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. Prior to 12.5.0, by crafting a malicious URL, an attacker could access routes that are not allowed, even though the reply.from is defined for specific routes in @fastify/reply-from. This vulnerability is fixed in 12.5.0.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17.
Risk Information
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Portkey.ai Gateway is a blazing fast AI Gateway with integrated guardrails. Prior to 1.14.0, the gateway determined the destination baseURL by prioritizing the value in the x-portkey-custom-host request header. The proxy route then appends the client-specified path to perform an external fetch. This can be maliciously used by users for SSRF attacks. This vulnerability is fixed in 1.14.0.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=alliance-oil-company' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
