Collaborate Disseminate
Well Designed, Yet Highly Vulnerable
Despite being decades old, SCADA control systems remain well-designed to this day. They bring multiple moving parts together – computers, networks, data communications and user interfaces – to manage machinery … Continue reading Protecting Industrial Control Systems Against Cyberattacks – Part 1
The FireEye Mandiant team has discovered multiple threat actors exploiting a zero-day vulnerability in Pulse Secure VPN appliances. The attack infrastructure is very sophisticated. The attacks persist in the VPN appliances, even across software updates… Continue reading Critical infrastructure implications of the Pulse Secure multi-factor authentication bypass
The construction industry may not appear to be an obvious target for cybercrime, but it garners unwanted online attention just like other sectors. According to a report by IBM, the average cost of a data breach in the industrial sector was $4.99 millio… Continue reading 68% of construction executives have no cybersecurity measures in place
Claroty researchers have found and privately disclosed nine vulnerabilities affecting Rockwell Automation’s FactoryTalk AssetCentre, an ICS-specific backup solution. All of the vulnerabilities have been assigned the maximum (10.0) CVSS v3 base score an… Continue reading Vulnerabilities in ICS-specific backup solution open industrial facilities to attack
Dragos releases annual analysis of ICS/OT focused cyber threats, vulnerabilities, assessments, and incident response insights. “In 2020, the industrial community performed amazing feats to keep civilization running under challenging circumstances throu… Continue reading ICS threat landscape highlights
The cyber attack that tried to poison the drinking water system in Oldsmar, Florida is similar to last year’s attack on small water systems in Israel. Both attacks tried to tamper with water treatment facilities to produce drinking water containi… Continue reading Misplaced expectations securing water treatment systems
Throughout the second half (2H) of 2020, 71% of industrial control system (ICS) vulnerabilities disclosed were remotely exploitable through network attack vectors, according to Claroty. The report also revealed a 25% increase in ICS vulnerabilities dis… Continue reading Number of ICS vulnerabilities disclosed in 2020 up significantly
Otorio, a provider of OT security and digital risk management solutions, released an open-source tool designed for hardening the security of GE Digital’s CIMPLICITY, one of the most commonly used HMI/SCADA systems. GE CIMPLICITY About GE Digital … Continue reading Open-source tool for hardening commonly used HMI/SCADA system
The recent SolarWinds software supply chain breach is a clear indication that strong OT cybersecurity is a must-have in today’s threat environment. Waterfall’s technologies have long enabled integration between OT networks and enterprise networks witho… Continue reading SolarWinds is the tip of the iceberg
A WatchGuard report reveals how COVID-19 has impacted the security threat landscape, with evidence that attackers continue to target corporate networks despite the shift to remote work, and a rise in pandemic-related malicious domains and phishing camp… Continue reading How COVID-19 has impacted the security threat landscape