GreyEnergy group targeting critical infrastructure with espionage
ESET has uncovered details of a successor to the BlackEnergy APT group. Named GreyEnergy by ESET, this threat actor focuses on espionage and reconnaissance, quite possibly in …
ICS/SCADA
The future of OT security in modern industrial operations
Both the likelihood and consequences of cyberattacks to OT/ICS components continue to grow for modern industrial operations. In this podcast, Andrew Ginter, VP of Industrial …
Researchers link Industroyer to NotPetya
ESET researchers believe they have found evidence that the TeleBots APT was behind the December 2016 attacks against the Ukraine energy sector that resulted in blackouts …
Safe IT/OT integration with unidirectional security gateways
The reason SCADA security is so controversial stems primarily from the intense consequences that come from a compromise in this area. In this podcast, Andrew Ginter, VP of …
Vulnerabilities and architectural considerations in industrial control systems
The reason SCADA security is so controversial stems primarily from the intense consequences that come from a compromise in this area. In this podcast, Andrew Ginter, VP of …
Malicious hacking activity increasingly targeting critical infrastructure
In this podcast, Andrew Ginter, VP of Industrial Security at Waterfall Security Solutions, and Edward Amoroso, CEO of TAG Cyber, talk about how the traditional focus of most …
Advantech WebAccess RCE flaw still exploitable, exploit code available
A vulnerability in Advantech WebAccess, a web browser-based software package for human-machine interfaces (HMI) and supervisory control and data acquisition (SCADA) systems, …
Verizon details breaches they were called in to investigate
If at all possible, organizations like to keep details of the breaches they suffered under wraps, mostly to safeguard their reputation and to minimize legal trouble. As …
A closer look at the IT/OT landscape for infosec professionals
The challenge for modern cyber security engineers working in the OT/ICS area involves modernizing the weak or missing protection controls in existing infrastructure toward …
Remotely exploitable flaw in Schneider Electric PLCs is a danger to OT networks
A vulnerability in the Schneider Electric Modicon M221, a programmable logic controller (PLC) deployed in commercial industrial facilities worldwide, can be exploited to …
