Please turn on your JavaScript for this page to function normally.
industry
Web-based PLC malware: A new potential threat to critical infrastructure

A group of researchers from Georgia Tech’s College of Engineering have developed web-based programmable logic controller (PLC) malware able to target most PLCs produced …

Engineering-grade OT security
Review: Engineering-grade OT security: A manager’s guide

Andrew Ginter is a widely-read author on industrial security and a trusted advisor for industrial enterprises. He holds a BSc. in Applied Mathematics and an MSc. in Computer …

cyber war readiness
Why cyber war readiness is critical for democracies

Once the war in Ukraine ends, Russia’s offensive cyber capabilities will be directed towards other targets, Rik Ferguson, VP Security Intelligence for Forescout, …

Power lines
Sandworm hackers incapacitated Ukrainian power grid amid missile strike

Russia-backed ATP group Sandworm is behind the cyberattack that caused disruption of parts of the Ukrainian power grid in late 2022, according to Mandiant. About Sandworm …

ELITEWOLF
ELITEWOLF: NSA’s repository of signatures and analytics to secure OT

Cyber entities continue to show a persistent interest in targeting critical infrastructure by taking advantage of vulnerable OT assets. To counter this threat, NSA has …

industry
Unnamed APT eyes vulnerabilities in Rockwell Automation industrial contollers (CVE-2023-3595 CVE-2023-3596)

Rockwell Automation has fixed two vulnerabilities (CVE-2023-3595, CVE-2023-3596) in the communication modules of its ControlLogix industrial programmable logic controllers …

energy
How cybercriminals target energy companies

In this Help Net Security video, Jim Simpson, Director of Threat Intelligence at Searchlight Cyber, discusses how cybercriminals employ specialized strategies when targeting …

Nicole Darden Ford
Making risk-based decisions in a rapidly changing cyber climate

Nicole Darden Ford is Global VP & CISO at Rockwell Automation. As the company’s cybersecurity leader, Nicole is entrusted to protect enterprise IT assets with scalable, …

approved
ICS vulnerabilities: Insights from advisories, how CVEs are reported

SynSaber recently released its second Industrial Control Systems (ICS) Vulnerabilities & CVEs Report. In this Help Net Security video, Ronnie Fabela, CTO at SynSaber, …

CVE
Extent of reported CVEs overwhelms critical infrastructure asset owners

The sheer volume of reported ICS vulnerabilities and CVEs may cause critical infrastructure asset owners to feel overwhelmed, or need help knowing where to begin, according to …

Siemens S7 1500
Critical vulnerabilities in Siemens PLC devices could allow bypass of protected boot features (CVE-2022-38773)

Red Balloon Security disclosed multiple, critical architectural vulnerabilities in the Siemens SIMATIC and SIPLUS S7-1500 Series PLC that allow for bypass of all protected …

industrial
Cybersecurity is becoming a top priority among critical infrastructure operators

Increased cyber threats and government directives have made cybersecurity a top priority among critical infrastructure organizations. This Help Net Security video highlights …

Don't miss

Cybersecurity news