What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Dragos.webp 2023-03-01 18:06:04 Take Your ICS/OT Cybersecurity Skills to the Next Level with Dragos Academy (lien direct) Dragos Academy is a learning environment where you can get acclimated with cybersecurity fundamentals for industrial control systems (ICS) and... Industrial ★★
DarkReading.webp 2023-02-23 17:33:00 (ISC)² Opens Security Congress 2023 Call for Presentations (lien direct) (ISC)² members and cybersecurity professionals worldwide are encouraged to share their expertise, best practices and experiences with their peers and career hopefuls. Industrial ★★★
globalsecuritymag.webp 2023-02-23 15:21:49 Nomios Group expands in Southern Europe with the Italian Cybersecurity expert Aditinet (lien direct) Nomios Group announced that it has completed the acquisition of a majority stake in Aditinet, a prominent cybersecurity company in the Italian market. The acquisition strengthens Nomios' European position as one of the leading cybersecurity service companies. - Business News Guideline Industrial ★★
DarkReading.webp 2023-02-22 22:10:00 UL Solutions Advances Automotive Safety and Security (lien direct) A combined team of UL Solutions safety science experts will address automotive cybersecurity, functional safety, automated driving and software development processes to help customers bring safer, more secure innovations to market. Industrial ★★
News.webp 2023-02-22 20:30:12 No, ChatGPT didn't win a hacking competition prize…yet (lien direct) $20k Pwn2Own prize for the humans, zero for the AI It was bound to happen sooner or later. For the first time ever, bug hunters used ChatGPT in a successful Pwn2Own exploit, helping the researchers to hack software used in industrial applications and win $20,000.… Hack Industrial ChatGPT ★★★
CS.webp 2023-02-22 15:19:30 More vulnerabilities in industrial systems raise fresh concerns about critical infrastructure hacks (lien direct) Researchers have revealed details about flaws in industrial systems that could give hackers access to the most sensitive networks. Industrial ★★
AlienVault.webp 2023-02-22 11:00:00 Governance of Zero Trust in manufacturing (lien direct) Manufacturers are some of the most ambitious firms on the planet when it comes to harnessing the power of edge technology to modernize their businesses. As they make plans in 2023 to enhance business outcomes through the use of technologies such as 5G and IoT, manufacturers should also increasingly be called to innovate in the spheres of governance and cyber risk management. OT-IT convergence drives manufacturing modernization The convergence of operational technology (OT) on the factory floor with information technology (IT) is nearly synonymous with manufacturing modernization. OT-IT convergence enables new digital processes, remote connections, and smarter operations. It's a business outcome-oriented transformation that executive stakeholders have future success pinned upon. Recent studies from AT&T show that manufacturers are investing in initiatives such as smart warehousing, transportation optimization and video-based quality inspection at such a rate that the industry is advancing ahead of energy, finance, and healthcare verticals when it comes to edge adoption today. But to reap the business benefits from these investments, manufacturers need to recognize and attend to the cyber risk realities that are part and parcel with this inevitable convergence. Cybercriminals are increasingly targeting industrial control system (ICS) technologies that are the bedrock of the OT ecosystems. Attackers have learned to take advantage of ICS hyperconnectivity and convergence with the IT realm to great effect. Last year's warning from the federal Cybersecurity and Infrastructure Security Agency (CISA) attests to this, as do high-profile attacks last year against tire manufacturers, wind turbine producers, steel companies, car manufacturers, and more.
Reducing risk through Zero Trust One of the most promising ways that manufacturers can begin to reduce the risk of these kinds of attacks is through the controls afforded by a Zero Trust architecture. From a technical perspective, Zero Trust unifies endpoint security technology, user or system authentication, and network security enforcement to prevent unrestrained access to OT or IT networks—and reduce the risk of unchecked lateral movement by attackers. With Zero Trust, access is granted conditionally based on the risk level of users (or machines, or applications). It's a simple, elegant concept that requires careful execution to carry out. Thus, when looking at building a zero-trust strategy, ZTNA 2.0 solutions have a role to play in helping apply more effective controls at the application level that are responsive to account takeover attempts. ZTNA 2.0 combines fine-grained, least-privileged access with continuous trust verification and deep, ongoing security inspection to protect all users, devices, apps, and data everywhere – all from a simple unified product. Most importantly, too, is that Zero Trust requires business stakeholder input and collaboration to get right. Just as business stakeholders in manufacturing drive the push to the edge and the push for all nature of digital transformation and OT-IT convergence, they've got to be intimately involved with Zero Trust initiatives to spur success. "Technology can come and go, but what manufacturers are really after are business outcomes," says Theresa Lanowitz, head of cybersecurity evangelism for AT&T. "That's where we need to focus when it comes to Zero Trust—at its core it needs to be driven by the business, which really sets the North Star for Zero Trust governance." Industrial ★★
DarkReading.webp 2023-02-14 22:47:00 OT Network Security Myths Busted in a Pair of Hacks (lien direct) How newly exposed security weaknesses in industrial wireless, cloud-based interfaces, and nested PLCs serve as a wake-up call for hardening the physical process control layer of the OT network. Industrial ★★
RecordedFuture.webp 2023-02-14 18:53:13 Ransomware attacks on industrial infrastructure doubled in 2022: Dragos (lien direct) The number of ransomware attacks on industrial infrastructure grew significantly in 2022, according to cybersecurity firm Dragos Ransomware Industrial ★★★
Anomali.webp 2023-02-14 17:48:00 Anomali Cyber Watch: Hospital Ransoms Pay for Attacks on Defense, Nodaria Got Upgraded Go-Based Infostealer, TA866 Moved Screenshot Functionality to Standalone Tool (lien direct) The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT, Infostealers, Malicious packages, Malicious redirects, North Korea, Ransomware, Spearphishing, and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity. Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities (published: February 9, 2023) The US and South Korea issued a joint advisory on ongoing, North Korea-sponsored ransomware activity against healthcare and other critical infrastructure. The proceeds are used to fund North Korea’s objectives including further cyber attacks against the US and South Korean defense and defense industrial base sectors. For initial access, the attackers use a trojanized messenger (X-Popup) or various exploits including those targeting Apache log4j2 and SonicWall appliances. Despite having two custom ransomware crypters, Maui and H0lyGh0st, the attackers can portray themselves as a different ransomware group (REvil) and/or use publicly-available crypters, such as BitLocker, Deadbolt, ech0raix, GonnaCry, Hidden Tear, Jigsaw, LockBit 2.0, My Little Ransomware, NxRansomware, Ryuk, and YourRansom. Analyst Comment: Organizations in the healthcare sector should consider following the Cross-Sector Cybersecurity Performance Goals developed by the U.S. Cybersecurity and Infrastructure Security Agency and the U.S. National Institute of Standards and Technology.
Follow the principle of least privilege by using standard user accounts on internal systems instead of administrative accounts. Turn off weak or unnecessary network device management interfaces. MITRE ATT&CK: [MITRE ATT&CK] T1583 - Acquire Infrastructure | [MITRE ATT&CK] T1583.003 - Acquire Infrastructure: Virtual Private Server | [MITRE ATT&CK] T1190 - Exploit Public-Facing Application | [MITRE ATT&CK] T1133 - External Remote Services | [MITRE ATT&CK] T1195 - Supply Chain Compromise | [MITRE ATT&CK] T1083 - File And Directory Discovery | [MITRE ATT&CK] T1021 - Remote Services | [MITRE ATT&CK] T1486: Data Encrypted for Impact Tags: malware-type:Ransomware, source-country:North Korea, source-country:DPRK, source-country:KP, target-industry:Healthcare, target-sector:Critical infrastructure, target-industry:Defense, target-industry:Defense Industrial Base, Log4Shell, SonicWall, CVE-2021-44228, CVE-2021-20038, CVE-2022-24990, X-Popup, malware:Maui, malware:H0lyGh0st, malware:BitLocker, malware:Deadbolt, malware:ech0raix, malware:GonnaCry, malware:Hidden Tear, malware:Jigsaw, malware:LockBit 2.0, malware:My Little Ransomware, malware:NxRansomware, malware:Ryuk, malware:YourRansom Threat Ransomware Malware Tool Industrial ★★
DarkReading.webp 2023-02-14 15:10:00 SynSaber Launches a Free OT PCAP Analyzer Tool for the Industrial Security Community (lien direct) Tool Industrial ★★★
CSO.webp 2023-02-14 14:41:00 Attacks on industrial infrastructure on the rise, defenses struggle to keep up (lien direct) The last year saw a rise in the sophistication and number of attacks targeting industrial infrastructure, including the discovery of a modular malware toolkit that's capable of targeting tens of thousands of industrial control systems (ICS) across different industry verticals. At the same time, incident response engagements by industrial cybersecurity firm Dragos showed that 80% of impacted environments lacked visibility into ICS traffic and half had network segmentation issues and uncontrolled external connections into their OT networks. "A number of the threats that Dragos tracks may evolve their disruptive and destructive capabilities in the future because adversaries often do extensive research and development (R&D) and build their programs and campaigns over time," the Dragos researchers said in a newly released annual report. "This R&D informs their future campaigns and ultimately increases their disruptive capabilities." Malware Industrial ★★
Dragos.webp 2023-02-14 10:01:00 Just Released – Dragos's Latest ICS/OT Cybersecurity Year in Review Is Now Available (lien direct) In 2022, breakthrough evolution in the development of malware targeting industrial control systems (ICS), scaled ransomware attacks against manufacturing, and... Ransomware Malware Industrial ★★
The_Hackers_News.webp 2023-02-13 15:29:00 Honeypot-Factory: The Use of Deception in ICS/OT Environments (lien direct) There have been a number of reports of attacks on industrial control systems (ICS) in the past few years. Looking a bit closer, most of the attacks seem to have spilt over from traditional IT. That's to be expected, as production systems are commonly connected to ordinary corporate networks at this point. Though our data does not indicate at this point that a lot of threat actors specifically Threat Industrial ★★
The_State_of_Security.webp 2023-02-13 02:50:26 Cybersecurity Is Necessary for Mission-Critical Energy Grids (lien direct) Today's energy sector is undergoing massive change, especially as more utilities try to usher in clean or renewable energy alternatives like solar, geothermal, hydroelectric, and wind power. In addition to the clean energy transition, grid modernization is another major shift in the energy industry. The Industrial Internet of Things (IIoT) is expected to transform the energy grid and support modernization efforts. However, with more technological innovations than ever before, operators must make careful considerations, especially in light of recent cyberattacks against critical infrastructure... Industrial ★★
globalsecuritymag.webp 2023-02-10 11:19:56 ChatGPT may already be in use by nation-states in cyberattacks (lien direct) ChatGPT may already be in use by nation-states in cyberattacks. A recent BlackBerry study shows that 63% of the French IT decision-makers surveyed believe ChatGPT will be behind a successful cyberattack within 1 to 2 years. 92% reportedly believe that regulating advanced technologies such as ChatGPT, and their uses, is the responsibility of governments. - Malware Industrial ChatGPT ★★★
CSO.webp 2023-02-10 10:45:00 Flaws in industrial wireless IoT solutions can give attackers deep access into OT networks (lien direct) It's common for operational technology (OT) teams to connect industrial control systems (ICS) to remote control and monitoring centers via wireless and cellular solutions that sometimes come with vendor-run, cloud-based management interfaces. These connectivity solutions, also referred to as industrial wireless IoT devices, increase the attack surface of OT networks and can provide remote attackers with a shortcut into previously segmented network segments that contain critical controllers. Industrial cybersecurity firm Otorio released a report this week highlighting the attack vectors these devices are susceptible to along with vulnerabilities the company's researchers found in several such products. "Industrial wireless IoT devices and their cloud-based management platforms are attractive targets to attackers looking for an initial foothold in industrial environments," the Otorio researchers said in their report. "This is due to the minimal requirements for exploitation and potential impact." Industrial ★★★
InfoSecurityMag.webp 2023-02-10 10:30:00 Fifth of ICS Bugs Have No Patch Available (lien direct) Some industrial systems have been exposed for three years Industrial ★★★
The_Hackers_News.webp 2023-02-09 19:39:00 Critical Infrastructure at Risk from New Vulnerabilities Found in Wireless IIoT Devices (lien direct) A set of 38 security vulnerabilities has been uncovered in wireless industrial internet of things (IIoT) devices from four different vendors that could pose a significant attack surface for threat actors looking to exploit operational technology (OT) environments. "Threat actors can exploit vulnerabilities in Wireless IIoT devices to gain initial access to internal OT networks," Israeli Threat Industrial ★★★★
DarkReading.webp 2023-02-08 18:45:00 GAO Calls for Action to Protect Cybersecurity of Critical Energy, Communications Networks (lien direct) Enhanced industrial control systems cybersecurity for energy and communications sector among top recommendations in new GAO cybersecurity assessment. Industrial ★★
SecurityWeek.webp 2023-02-08 13:18:38 Siemens License Manager Vulnerabilities Allow ICS Hacking (lien direct) The Siemens Automation License Manager is affected by two serious vulnerabilities that could be chained to hack industrial control systems (ICS). Hack Industrial ★★
The_State_of_Security.webp 2023-02-08 04:31:31 The Role of Data Hygiene in the Security of the Energy Industry (lien direct) We create massive amounts of data daily, from the exercise stats compiled by our wearable devices to smart meters used at our homes to reduce expense consumption to maintenance statistics of critical systems in industrial settings. If data creation continues at its present rate, more than a yottabyte (a million trillion megabytes) will likely be generated annually by 2030. Even though big data is moving power behind modern, digital-first organizations, an average company uses only a fraction of the data they collect. According to a recent survey by VMware, 83% of business leaders believe that... Guideline Industrial ★★
DarkReading.webp 2023-02-07 18:10:00 Industrial Cybersecurity Innovator Opscura Receives $9.4M in Series A Funding as Critical Operations Transform (lien direct) Industrial ★★
CVE.webp 2023-02-07 17:15:11 CVE-2022-41312 (lien direct) A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can send an HTTP request to trigger this vulnerability. Form field id="Switch Description", name "switch_description" Guideline Industrial Vulnerability
CVE.webp 2023-02-07 17:15:11 CVE-2022-41313 (lien direct) A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can send an HTTP request to trigger this vulnerability. Form field id="switch_contact" Guideline Industrial Vulnerability
CVE.webp 2023-02-07 17:15:10 CVE-2022-40693 (lien direct) A cleartext transmission vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted network sniffing can lead to a disclosure of sensitive information. An attacker can sniff network traffic to trigger this vulnerability. Guideline Industrial Vulnerability
CVE.webp 2023-02-07 17:15:10 CVE-2022-40691 (lien direct) An information disclosure vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability. Guideline Industrial Vulnerability
CVE.webp 2023-02-07 17:15:10 CVE-2022-40224 (lien direct) A denial of service vulnerability exists in the web server functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP message header can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. Guideline Industrial Vulnerability
CVE.webp 2023-02-07 17:15:10 CVE-2022-41311 (lien direct) A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can send an HTTP request to trigger this vulnerability. Form field id="webLocationMessage_text" name="webLocationMessage_text" Guideline Industrial Vulnerability
The_State_of_Security.webp 2023-02-06 03:10:01 How to Advance ICS Cybersecurity: Implement Continuous Monitoring (lien direct) Industrial control systems are fundamental to all industrial processes, from power generation to water treatment and manufacturing. ICS refers to the collection of devices that govern a process to ensure its safe and effective execution. These devices include Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and other control systems like Remote Terminal Units (RTU) and Programmable Logic Controllers (PLC). A malfunction in any of these systems or the network in which they operate could result in the failure of the entire industrial process, with... Industrial ★★★★
CVE.webp 2023-02-02 06:15:08 CVE-2022-33323 (lien direct) Active Debug Code vulnerability in robot controller of Mitsubishi Electric Corporation industrial robot MELFA SD/SQ Series and MELFA F-Series allows a remote unauthenticated attacker to gain unauthorized access by authentication bypass through an unauthorized telnet login. As for the affected model names, controller types and firmware versions, see the Mitsubishi Electric's advisory which is listed in [References] section. Industrial Vulnerability
DarkReading.webp 2023-02-01 16:00:00 Command-Injection Bug in Cisco Industrial Gear Opens Devices to Complete Takeover (lien direct) Two security holes - one particularly gnarly - could allow hackers the freedom to do as they wish with the popular edge equipment. Industrial ★★
SecurityWeek.webp 2023-02-01 12:00:00 Cyber Insights 2023: ICS and Operational Technology (lien direct) The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while cybercriminals have had their restraints reduced. Industrial Equifax ★★★
DarkReading.webp 2023-01-31 16:15:00 NanoLock Addresses Global Industrial & OT Cyber Demand with Expansions into Europe and North America (lien direct) To meet a pressing demand for industrial and OT security, zero-trust, device-level cybersecurity provider expands with strategic hires in new and established markets. Industrial ★★
Logo_logpoint.webp 2023-01-27 09:16:11 Critical Infrastructure: Protecting Health Service Data (lien direct) There are few sectors where privacy is as essential as it is in healthcare. People's health and personal information should be protected at all costs - and cyberattacks can jeopardize both. Unfortunately, healthcare institutions are a prime target for cybercriminals looking to obtain a wealth of sensitive data, including the names, addresses, social security numbers, and [...] Industrial ★★★
globalsecuritymag.webp 2023-01-24 13:23:13 Nearly 90% of the Pentagon supply chain fails basic cybersecurity requirements (lien direct) Nearly 90% of the Pentagon supply chain fails basic cybersecurity requirements The first-ever thorough analysis of the state of cybersecurity of the US defense industrial base (DIB) reveals that nearly 90% of its contractors do not meet the required security standards. - Special Reports Industrial ★★
Dragos.webp 2023-01-23 16:01:50 (Déjà vu) Protected: Dragos Industrial Ransomware Analysis: Q4 2022 (lien direct) Ransomware Industrial ★★★★
CVE.webp 2023-01-20 07:15:15 CVE-2023-20037 (lien direct) A vulnerability in Cisco Industrial Network Director could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks. The vulnerability is due to improper validation of content submitted to the affected application. An attacker could exploit this vulnerability by sending requests containing malicious values to the affected system. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Industrial Vulnerability
CVE.webp 2023-01-20 07:15:15 CVE-2023-20038 (lien direct) A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an authenticated, local attacker to access a static secret key used to store both local data and credentials for accessing remote systems. This vulnerability is due to a static key value stored in the application used to encrypt application data and remote credentials. An attacker could exploit this vulnerability by gaining local access to the server Cisco Industrial Network Director is installed on. A successful exploit could allow the attacker to decrypt data allowing the attacker to access remote systems monitored by Cisco Industrial Network Director. Industrial Vulnerability
CSO.webp 2023-01-19 12:48:00 BrandPost: Securing Critical Infrastructure with Zero Trust (lien direct) Critical infrastructure forms the fabric of our society, providing power for our homes and businesses, fuel for our vehicles, and medical services that preserve human health. With the acceleration of digital transformation spurred by the pandemic, larger and larger volumes of critical infrastructure and services have become increasingly connected. Operational technology (OT) serves a critical role as sensors in power plants, water treatment facilities, and a broad range of industrial environments. Digital transformation has also led to a growing convergence between OT and information technology (IT). All of this connection brings accessibility benefits, but it also introduces a host of potential security risks. Industrial Medical
SocRadar.webp 2023-01-19 11:41:52 CISA Warns for Vulnerabilities in Industrial Control Systems (ICS) (lien direct) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns about multiple security vulnerabilities in GE Digital, Siemens, Contec,... Industrial ★★★
CSO.webp 2023-01-19 10:01:00 Many ICS flaws remain unpatched as attacks against critical infrastructure rise (lien direct) Patching vulnerabilities in industrial environments has always been challenging due to interoperability concerns, strict uptime requirements, and sometimes the age of devices. According to a recent analysis, a third of vulnerabilities don't even have patches or remediations available. Out of 926 CVEs -- unique vulnerability identifiers -- that were included in ICS advisories from the US Cybersecurity and Infrastructure Security Agency (CISA) during the second half of 2022, 35% had no patch or remediation available from the vendor, according to an analysis by SynSaber, a security company that specializes in industrial asset and network monitoring. Industrial Vulnerability ★★★
Nozomi.webp 2023-01-18 22:08:31 A Comprehensive Guide to IoT Security (lien direct) As digital transformation fuels the proliferation of IoT devices across industrial environments, having a strong IoT security program in place has become vital to protect critical infrastructure from cyberattacks. Table of Contents: What Is IoT Security? The Internet of Things, also known as IoT, is a system of interconnected computing devices, mechanical machines, or objects […] Industrial ★★★★
CS.webp 2023-01-18 19:03:05 Too many default 'admin1234' passwords increase risk for industrial systems, research finds (lien direct) Researchers say a growing number of internet-connected devices linked to critical infrastructure organizations don't have basic protections. Industrial ★★
DarkReading.webp 2023-01-18 17:10:00 ICS Confronted by Attackers Armed With New Motives, Tactics, and Malware (lien direct) Threat actors are diversifying across all aspects to attack critical infrastructure, muddying the threat landscape, and forcing industrial organizations to rethink their security. Threat Malware Industrial ★★
The_Hackers_News.webp 2023-01-18 11:26:00 CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems (lien direct) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published four Industrial Control Systems (ICS) advisories, calling out several security flaws affecting products from Siemens, GE Digital, and Contec. The most critical of the issues have been identified in Siemens SINEC INS that could lead to remote code execution via a path traversal flaw (CVE-2022-45092, CVSS score: 9.9) Guideline Industrial ★★★
SecurityWeek.webp 2023-01-18 11:18:16 Ransomware Attack on DNV Ship Management Software Impacts 1,000 Vessels (lien direct) DNV ransomware attack impacts 1,000 ships Norway-based industrial risk management and assurance solutions provider DNV said a recent ransomware attack on its ship management software impacted 1,000 vessels. Ransomware Industrial ★★
Mandiant.webp 2023-01-17 17:15:00 Gone Phishing: Hunting for Malicious Industrial-Themed Emails to Prevent Operational Technology Compromises (lien direct) Phishing is one of the most common techniques used to deliver malware and gain access to target networks. This is not only because of its simplicity and scalability, but also because of its efficiency in exploiting vulnerabilities in human behavior. Despite the existence of sophisticated detection tooling and security awareness of phishing techniques, defenders across all industry verticals continue to struggle to avoid phishing compromises. Mandiant regularly observes actors spreading phishing emails that contain terminology and concepts specific to industrial sectors, such as energy Malware Industrial Vulnerability ★★★★
AlienVault.webp 2023-01-17 11:00:00 IT/OT convergence and Cybersecurity best practices (lien direct) The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Most of the time, the advantages of technology overshadow the recognition of challenges. IT/OT convergence has given a boost to the industry, but there are many cybersecurity considerations. Due to a lack of legislation, best practices are filling the void. This article will give an overview of industrial cybersecurity best practices. According to a survey presented by Veracode in 2022, more than 75% of all software applications have security flaws that can serve as a gateway to larger environments. With the spread of industrial IT (Information Technology) / OT (Operational Technology) integration, it means that almost every infrastructure is in possible danger of cyberattacks. The two sides of the IT/OT convergence coin: Industrial IT/OT convergence has been accelerated by the advantages it offers to the sector. These advantages have made production faster, cheaper, and more automated. The convergence has been advancing at such a pace that the flipside of its use has never been given serious thought until recently. With the obvious advantages, challenges have surfaced as well. The need for a comprehensive solution has already appeared in recent years, but until this day, best practices are routine. Best practices for IT/OT converged environment: During the years of broad-scale IT/OT implementation, operational and cybersecurity experience has been gathered. This serves as the basis for industrial best practices and their practical implementation, which ranges from recommendations to practical steps. Regulations. Industrial regulations and legislation should set standards. Though there are some governmental initiatives – like Executive Order 14028 – for building an overall framework, the bottom-to-top need has already surfaced. CIS Controls (Critical Security Controls) Version 8 is one of those comprehensive cybersecurity bottom-to-top frameworks that are the most often referred to by legal, regulatory, and policy bodies. CIS has been developed by the global IT community to set up practical cybersecurity measures. Each version is an evolution of the previous, so it is constantly evolving as practice and technological advancement require it. Zero Trust. In every critical infrastructure, the basic approach should be the “zero trust principle.” According to this notion, entering data, exiting data, users, and context should be treated with the highest distrust. Risk-based approach. It is a strategy that assesses hardware and software status to prevent cybersecurity risks and mitigate possible consequences of a breach. The process has several compliance points. These include device version and patching date checkup, finding security and safety issues, and revealing the exploitation history of applied devices. The strategy is only effective if it is completed with constant threat monitoring. In this case, operators are aware of system vulnerabilities if there is no or a delayed system update. Threat Patching Industrial Vulnerability ★★★★
The_Hackers_News.webp 2023-01-16 16:17:00 CISA Warns for Flaws Affecting Industrial Control Systems from Major Manufacturers (lien direct) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released several Industrial Control Systems (ICS) advisories warning of critical security flaws affecting products from Sewio, InHand Networks, Sauter Controls, and Siemens. The most severe of the flaws relate to Sewio's RTLS Studio, which could be exploited by an attacker to "obtain unauthorized access to the server, alter Industrial ★★★
Last update at: 2024-05-30 15:08:08