How to Ensure Continuous Compliance with NERC CIP

What is NERC? The North American Electric Reliability Corporation, or NERC, is the largest electric reliability organization in North America. They’re responsible for over 1,900 bulk power system operations spanning the United States and Canada and the… Continue reading How to Ensure Continuous Compliance with NERC CIP

Scammers are impersonating the DarkSide ransomware gang

Someone out there is impersonating the infamous DarkSide ransomware gang and trying to trick companies in the energy and food industry to part with 100 Bitcoins, Trend Micro warns. But the campaign is not producing the desired results, because the Bitc… Continue reading Scammers are impersonating the DarkSide ransomware gang

How to Mitigate Risk Against Operational Technology (OT)

Operational technology, or OT, is hardware and software technologies that monitor and control a variety of physical operations including, but not limited to processes, devices, and even various infrastructures like public rail transportation. As OT bec… Continue reading How to Mitigate Risk Against Operational Technology (OT)

Enhancing cyber resilience in the oil and gas industry

The World Economic Forum (WEF) has brought together industry and cybersecurity experts from companies and organizations such as Siemens Corp, Saudi Aramco, Royal Dutch Shell, the Cyber Security Agency of Singapore, the U.S. CISA, industrial cybersecuri… Continue reading Enhancing cyber resilience in the oil and gas industry

Cloud computing could prevent the emission of 1 billion metric tons of CO2

Continued adoption of cloud computing could prevent the emission of more than 1 billion metric tons of carbon dioxide (CO2) from 2021 through 2024, a forecast from IDC shows. The forecast uses data on server distribution and cloud and on-premises softw… Continue reading Cloud computing could prevent the emission of 1 billion metric tons of CO2

Attackers disrupting COVID-19 efforts and critical supply chains

Cyberattacks evolved in 2020 as threat actors sought to profit from the unprecedented socioeconomic, business and political challenges brought on by the COVID-19 pandemic, IBM Security reveals. In 2020 attackers were observed pivoting their attacks to … Continue reading Attackers disrupting COVID-19 efforts and critical supply chains

Researchers find critical RCE vulnerabilities in industrial VPN solutions

Critical vulnerabilities in several industrial VPN implementations for remotely accessing operational technology (OT) networks could allow attackers to overwrite data, execute malicious code or commands, cause a DoS condition, and more. “Exploiti… Continue reading Researchers find critical RCE vulnerabilities in industrial VPN solutions

Zero-day flaws in widespread TCP/IP library open millions of IoT devices to remote attack

19 vulnerabilities – some of them allowing remote code execution – have been discovered in a TCP/IP stack/library used in hundreds of millions of IoT devices deployed by organizations in a wide variety of industries and sectors. “Affe… Continue reading Zero-day flaws in widespread TCP/IP library open millions of IoT devices to remote attack

Final Version of NIST SP 1800-23 Guides Identification of Threats to OT Assets

In September 2019, the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) announced the release of a draft practice guide entitled, “NIST Special Publication (SP) 1800-23: Energy Secto… Continue reading Final Version of NIST SP 1800-23 Guides Identification of Threats to OT Assets