How to protect air-gapped networks from malicious frameworks
ESET researchers present their analysis of all malicious frameworks used to attack air-gapped networks known to date. An air-gapped network is one that is physically isolated …
ICS/SCADA
Cultural divide between IT and OT teams leaves 65% of organizations unable to secure both environments
Only 21% of organizations have achieved full maturity of their ICS/OT cybersecurity program, in which emerging threats drive priority actions and C-level executives and the …
Critical infrastructure today: Complex challenges and rising threats
Cyber attacks against critical national infrastructure are escalating. The ransomware hit on Colonial Pipeline was a clanging wake-up call for the public, but cybersecurity …
The cybersecurity of industrial companies remains low, potential damage can be severe
Positive Technologies released a research that examines information security risks present in industrial companies, the second-most targeted sector by cybercriminals in 2020. …
New standard enhances the cybersecurity of pipeline control systems
The American Petroleum Institute (API) published its 3rd Edition of Standard (Std) 1164, Pipeline Control Systems Cybersecurity, underscoring the natural gas and oil …
Trends in the OT/ICS security space and what’s to come
In July 2021, Armis appointed Sachin Shah, an Intel veteran of over 21 years, as its new CTO for Operational Technology (OT) and Industrial Control Systems (ICS). In this …
ICS vulnerabilities disclosed in H1 2021 rose by 41%
Industrial control system (ICS) vulnerability disclosures are drastically increasing as high-profile cyberattacks on critical infrastructure and industrial enterprises have …
Collaboration is the key to protecting critical national infrastructure
Concern around protecting critical national infrastructure (CNI) is growing. Following several high-profile attacks and growing tensions around state sponsored cyber activity, …
MITRE Engenuity launches ATT&CK Evaluations for ICS
MITRE Engenuity today released results from its first round of independent ATT&CK Evaluations for Industrial Control Systems (ICS). The evaluations examined how …
Critical vulnerability in Schneider Electric Modicon PLCs can lead to RCE (CVE-2021-22779)
Researchers at Armis discovered an authentication bypass vulnerability (CVE-2021-22779) in Schneider Electric’s Modicon programmable logic controllers (PLCs) that can …
Industrial facilities progressively at risk of data theft and ransomware attacks
Trend Micro released a new report highlighting the growing risk of downtime and sensitive data theft from ransomware attacks aimed at industrial facilities. “Industrial …
Critical vulnerabilities identified in CODESYS ICS automation software
Researchers have identified 10 vulnerabilities in CODESYS automation software for industrial control systems. Some are of high and critical severity. “The vendor rated …
