critical infrastructure Archives

critical infrastructure

Critical vulnerability in Schneider Electric Modicon PLCs can lead to RCE (CVE-2021-22779)

July 13, 2021

Researchers at Armis discovered an authentication bypass vulnerability (CVE-2021-22779) in Schneider Electric’s Modicon programmable logic controllers (PLCs) that can …

Critical infrastructure cyberattacks signaling the importance of prioritizing security

July 7, 2021

Armis released new data uncovering the lack of knowledge and general awareness of major cyberattacks on critical infrastructure and an understanding of security hygiene. The …

Critical vulnerabilities identified in CODESYS ICS automation software

June 4, 2021

Researchers have identified 10 vulnerabilities in CODESYS automation software for industrial control systems. Some are of high and critical severity. “The vendor rated …

The state of enterprise preparedness for ransomware attacks

May 27, 2021

In the aftermath of the Colonial Pipeline attack, ISACA polled more than 1,200 members in the United States and found that 84 percent of respondents believe ransomware attacks …

Identifying and addressing critical OT asset vulnerabilities in 24/7 industrial operations

May 18, 2021

Cybersecurity is a race. A race that has for over a decade been extended to include systems that run the world’s industrial facilities, where a breach can compromise more than …

Top security threats for power plants and how to proactively avoid them

May 13, 2021

Power plants are one of the most vitally important components of modern civilization’s infrastructure. A disruption in energy production impacts all aspects of society from …

Infrastructure drift: A multidimensional problem with the need for new DevSecOps tools

May 13, 2021

As modern infrastructures get more complex everyday, DevOps teams have a hard time tracking infrastructure drift. The multiplicity of factors involved when running …

Critical infrastructure implications of the Pulse Secure multi-factor authentication bypass

April 22, 2021

The FireEye Mandiant team has discovered multiple threat actors exploiting a zero-day vulnerability in Pulse Secure VPN appliances. The attack infrastructure is very …

Cybersecurity spending for critical infrastructure to reach $105.99 billion in 2021

February 16, 2021

Cybersecurity spending in critical infrastructure has been little impacted by the COVID-19 pandemic, save for some reshuffling on where that spend is most needed. The effect …

Misplaced expectations securing water treatment systems

February 9, 2021

The cyber attack that tried to poison the drinking water system in Oldsmar, Florida is similar to last year’s attack on small water systems in Israel. Both attacks tried …

Number of ICS vulnerabilities disclosed in 2020 up significantly

February 5, 2021

Throughout the second half (2H) of 2020, 71% of industrial control system (ICS) vulnerabilities disclosed were remotely exploitable through network attack vectors, according …

The 5G toolbox of defense

January 6, 2021

For the mobile communications industry, security has always held a prominent role. However, the onset of 5G – which introduces new network architectures, services and devices …