ICS/SCADA
The cybersecurity of industrial companies remains low, potential damage can be severe
Positive Technologies released a research that examines information security risks present in industrial companies, the second-most targeted sector by cybercriminals in 2020. …
New standard enhances the cybersecurity of pipeline control systems
The American Petroleum Institute (API) published its 3rd Edition of Standard (Std) 1164, Pipeline Control Systems Cybersecurity, underscoring the natural gas and oil …
Trends in the OT/ICS security space and what’s to come
In July 2021, Armis appointed Sachin Shah, an Intel veteran of over 21 years, as its new CTO for Operational Technology (OT) and Industrial Control Systems (ICS). In this …
ICS vulnerabilities disclosed in H1 2021 rose by 41%
Industrial control system (ICS) vulnerability disclosures are drastically increasing as high-profile cyberattacks on critical infrastructure and industrial enterprises have …
Collaboration is the key to protecting critical national infrastructure
Concern around protecting critical national infrastructure (CNI) is growing. Following several high-profile attacks and growing tensions around state sponsored cyber activity, …
MITRE Engenuity launches ATT&CK Evaluations for ICS
MITRE Engenuity today released results from its first round of independent ATT&CK Evaluations for Industrial Control Systems (ICS). The evaluations examined how …
Critical vulnerability in Schneider Electric Modicon PLCs can lead to RCE (CVE-2021-22779)
Researchers at Armis discovered an authentication bypass vulnerability (CVE-2021-22779) in Schneider Electric’s Modicon programmable logic controllers (PLCs) that can …
Industrial facilities progressively at risk of data theft and ransomware attacks
Trend Micro released a new report highlighting the growing risk of downtime and sensitive data theft from ransomware attacks aimed at industrial facilities. “Industrial …
Critical vulnerabilities identified in CODESYS ICS automation software
Researchers have identified 10 vulnerabilities in CODESYS automation software for industrial control systems. Some are of high and critical severity. “The vendor rated …
Identifying and addressing critical OT asset vulnerabilities in 24/7 industrial operations
Cybersecurity is a race. A race that has for over a decade been extended to include systems that run the world’s industrial facilities, where a breach can compromise more than …
Critical infrastructure implications of the Pulse Secure multi-factor authentication bypass
The FireEye Mandiant team has discovered multiple threat actors exploiting a zero-day vulnerability in Pulse Secure VPN appliances. The attack infrastructure is very …
68% of construction executives have no cybersecurity measures in place
The construction industry may not appear to be an obvious target for cybercrime, but it garners unwanted online attention just like other sectors. According to a report by …