The Log4j saga: New vulnerabilities and attack vectors discovered
The Apache Log4j saga continues, as several new vulnerabilities have been discovered in the popular library since Log4Shell (CVE-2021-44228) was fixed by releasing Log4j …
Operational technology and zero trust
Zero trust, otherwise known as zero trust architecture (ZTA), is a shift in the way we think about security. Zero trust is the concept of centralizing policy control, limiting …
Cultural divide between IT and OT teams leaves 65% of organizations unable to secure both environments
Only 21% of organizations have achieved full maturity of their ICS/OT cybersecurity program, in which emerging threats drive priority actions and C-level executives and the …
Most CIOs and CISOs underestimate the risk of an OT breach
A research study by Skybox Security found that 83% of organizations suffered an operational technology (OT) cybersecurity breach in the prior 36 months. The research also …
Three OT security lessons learned from 2021’s biggest cyber incidents
What do an oil pipeline, a water treatment plant, and a railway system have in common? They each rely on operational technology (OT) environments, and they were all victims of …
Trends in the OT/ICS security space and what’s to come
In July 2021, Armis appointed Sachin Shah, an Intel veteran of over 21 years, as its new CTO for Operational Technology (OT) and Industrial Control Systems (ICS). In this …
ICS vulnerabilities disclosed in H1 2021 rose by 41%
Industrial control system (ICS) vulnerability disclosures are drastically increasing as high-profile cyberattacks on critical infrastructure and industrial enterprises have …
Collaboration is the key to protecting critical national infrastructure
Concern around protecting critical national infrastructure (CNI) is growing. Following several high-profile attacks and growing tensions around state sponsored cyber activity, …
Vulnerable TCP/IP stack is used by almost 200 device vendors
Researchers have discovered 14 new vulnerabilities affecting the proprietary NicheStack (aka InterNiche) TCP/IP stack, used in OT devices such as the extremely popular Siemens …
Identifying and addressing critical OT asset vulnerabilities in 24/7 industrial operations
Cybersecurity is a race. A race that has for over a decade been extended to include systems that run the world’s industrial facilities, where a breach can compromise more than …
ICS threat landscape highlights
Dragos releases annual analysis of ICS/OT focused cyber threats, vulnerabilities, assessments, and incident response insights. “In 2020, the industrial community performed …
Vulnerabilities in widely used TCP/IP stacks open IoT, OT devices to attack
Forescout researchers have discovered nine vulnerabilities affecting nine different TCP/IP stacks widely used in IoT and OT devices. The vulnerabilities are due to weak …