ICS/SCADA
Extent of reported CVEs overwhelms critical infrastructure asset owners
The sheer volume of reported ICS vulnerabilities and CVEs may cause critical infrastructure asset owners to feel overwhelmed, or need help knowing where to begin, according to …
Critical vulnerabilities in Siemens PLC devices could allow bypass of protected boot features (CVE-2022-38773)
Red Balloon Security disclosed multiple, critical architectural vulnerabilities in the Siemens SIMATIC and SIPLUS S7-1500 Series PLC that allow for bypass of all protected …
Cybersecurity is becoming a top priority among critical infrastructure operators
Increased cyber threats and government directives have made cybersecurity a top priority among critical infrastructure organizations. This Help Net Security video highlights …
Israel’s new cyber-kinetic lab will boost the resilience of critical infrastructure
In a building under construction at the Advanced Technologies Park in Be’er Sheva, the “cyber capital” of Israel, a new governmental lab is also taking shape: the …
Beware of password-cracking software for PLCs and HMIs!
A threat actor is targeting industrial engineers and operators with trojanized password-cracking software for programmable logic controllers (PLCs) and human-machine …
Industrial cybersecurity leaders are making considerable headway
Increased cyber threats and government directives have made cybersecurity a top priority among critical infrastructure organizations. A zero trust security architecture is the …
OT security: Helping under-resourced critical infrastructure organizations
In this Help Net Security interview, Dawn Cappelli, Director of OT-CERT at the industrial cybersecurity company Dragos, talks about the OT security risks critical …
APT group has developed custom-made tools for targeting ICS/SCADA devices
Just a few days after news of attempted use of a new variant of the Industroyer malware comes a warning from the US Cybersecurity and Infrastructure Security Agency (CISA): …
Sandworm hackers tried (and failed) to disrupt Ukraine’s power grid
The Computer Emergency Response Team of Ukraine (CERT-UA), with the help of ESET and Microsoft security experts, has thwarted a cyber attack by the Sandworm hackers, who tried …
ICS vulnerability disclosures surge 110% over the last four years
Industrial control system (ICS) vulnerability disclosures grew a staggering 110% over the last four years, with a 25% increase in the second half (2H) of 2021 compared to the …
The biggest threat to ICS/OT is a lack of prioritization
A SANS survey reveals that cyber attackers have demonstrated a robust understanding of operational technology (OT) and industrial control system (ICS) engineering and have …
Lack of visibility plaguing ICS environments
Dragos released its report on cyber threats facing industrial organizations, naming the emergence of three new threat groups targeting ICS/OT environments, including two that …
Featured news
Resources
Don't miss
- CISOs, are your medical devices secure? Attackers are watching closely
- Cybersecurity classics: 10 books that shaped the industry
- NIST selects HQC as backup algorithm for post-quantum encryption
- NetBird: Open-source network security
- Burnout in cybersecurity: How CISOs can protect their teams (and themselves)