What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
DarkReading.webp 2023-01-31 16:15:00 NanoLock Addresses Global Industrial & OT Cyber Demand with Expansions into Europe and North America (lien direct) To meet a pressing demand for industrial and OT security, zero-trust, device-level cybersecurity provider expands with strategic hires in new and established markets. Industrial ★★
Logo_logpoint.webp 2023-01-27 09:16:11 Critical Infrastructure: Protecting Health Service Data (lien direct) There are few sectors where privacy is as essential as it is in healthcare. People's health and personal information should be protected at all costs - and cyberattacks can jeopardize both. Unfortunately, healthcare institutions are a prime target for cybercriminals looking to obtain a wealth of sensitive data, including the names, addresses, social security numbers, and [...] Industrial ★★★
globalsecuritymag.webp 2023-01-24 13:23:13 Nearly 90% of the Pentagon supply chain fails basic cybersecurity requirements (lien direct) Nearly 90% of the Pentagon supply chain fails basic cybersecurity requirements The first-ever thorough analysis of the state of cybersecurity of the US defense industrial base (DIB) reveals that nearly 90% of its contractors do not meet the required security standards. - Special Reports Industrial ★★
Dragos.webp 2023-01-23 16:01:50 (Déjà vu) Protected: Dragos Industrial Ransomware Analysis: Q4 2022 (lien direct) Nearly 90% of the Pentagon supply chain fails basic cybersecurity requirements The first-ever thorough analysis of the state of cybersecurity of the US defense industrial base (DIB) reveals that nearly 90% of its contractors do not meet the required security standards. - Special Reports Ransomware Industrial ★★★★
CVE.webp 2023-01-20 07:15:15 CVE-2023-20037 (lien direct) A vulnerability in Cisco Industrial Network Director could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks. The vulnerability is due to improper validation of content submitted to the affected application. An attacker could exploit this vulnerability by sending requests containing malicious values to the affected system. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Vulnerability Industrial
CVE.webp 2023-01-20 07:15:15 CVE-2023-20038 (lien direct) A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an authenticated, local attacker to access a static secret key used to store both local data and credentials for accessing remote systems. This vulnerability is due to a static key value stored in the application used to encrypt application data and remote credentials. An attacker could exploit this vulnerability by gaining local access to the server Cisco Industrial Network Director is installed on. A successful exploit could allow the attacker to decrypt data allowing the attacker to access remote systems monitored by Cisco Industrial Network Director. Vulnerability Industrial
CSO.webp 2023-01-19 12:48:00 BrandPost: Securing Critical Infrastructure with Zero Trust (lien direct) Critical infrastructure forms the fabric of our society, providing power for our homes and businesses, fuel for our vehicles, and medical services that preserve human health. With the acceleration of digital transformation spurred by the pandemic, larger and larger volumes of critical infrastructure and services have become increasingly connected. Operational technology (OT) serves a critical role as sensors in power plants, water treatment facilities, and a broad range of industrial environments. Digital transformation has also led to a growing convergence between OT and information technology (IT). All of this connection brings accessibility benefits, but it also introduces a host of potential security risks. Industrial Medical
SocRadar.webp 2023-01-19 11:41:52 CISA Warns for Vulnerabilities in Industrial Control Systems (ICS) (lien direct) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns about multiple security vulnerabilities in GE Digital, Siemens, Contec,... Industrial ★★★
CSO.webp 2023-01-19 10:01:00 Many ICS flaws remain unpatched as attacks against critical infrastructure rise (lien direct) Patching vulnerabilities in industrial environments has always been challenging due to interoperability concerns, strict uptime requirements, and sometimes the age of devices. According to a recent analysis, a third of vulnerabilities don't even have patches or remediations available. Out of 926 CVEs -- unique vulnerability identifiers -- that were included in ICS advisories from the US Cybersecurity and Infrastructure Security Agency (CISA) during the second half of 2022, 35% had no patch or remediation available from the vendor, according to an analysis by SynSaber, a security company that specializes in industrial asset and network monitoring. Vulnerability Industrial ★★★
Nozomi.webp 2023-01-18 22:08:31 A Comprehensive Guide to IoT Security (lien direct) As digital transformation fuels the proliferation of IoT devices across industrial environments, having a strong IoT security program in place has become vital to protect critical infrastructure from cyberattacks. Table of Contents: What Is IoT Security? The Internet of Things, also known as IoT, is a system of interconnected computing devices, mechanical machines, or objects […] Industrial ★★★★
CS.webp 2023-01-18 19:03:05 Too many default 'admin1234' passwords increase risk for industrial systems, research finds (lien direct) Researchers say a growing number of internet-connected devices linked to critical infrastructure organizations don't have basic protections. Industrial ★★
DarkReading.webp 2023-01-18 17:10:00 ICS Confronted by Attackers Armed With New Motives, Tactics, and Malware (lien direct) Threat actors are diversifying across all aspects to attack critical infrastructure, muddying the threat landscape, and forcing industrial organizations to rethink their security. Malware Threat Industrial ★★
The_Hackers_News.webp 2023-01-18 11:26:00 CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems (lien direct) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published four Industrial Control Systems (ICS) advisories, calling out several security flaws affecting products from Siemens, GE Digital, and Contec. The most critical of the issues have been identified in Siemens SINEC INS that could lead to remote code execution via a path traversal flaw (CVE-2022-45092, CVSS score: 9.9) Guideline Industrial ★★★
SecurityWeek.webp 2023-01-18 11:18:16 Ransomware Attack on DNV Ship Management Software Impacts 1,000 Vessels (lien direct) DNV ransomware attack impacts 1,000 ships Norway‎-based industrial risk management and assurance solutions provider DNV said a recent ransomware attack on its ship management software impacted 1,000 vessels. Ransomware Industrial ★★
Mandiant.webp 2023-01-17 17:15:00 Gone Phishing: Hunting for Malicious Industrial-Themed Emails to Prevent Operational Technology Compromises (lien direct) Phishing is one of the most common techniques used to deliver malware and gain access to target networks. This is not only because of its simplicity and scalability, but also because of its efficiency in exploiting vulnerabilities in human behavior. Despite the existence of sophisticated detection tooling and security awareness of phishing techniques, defenders across all industry verticals continue to struggle to avoid phishing compromises. Mandiant regularly observes actors spreading phishing emails that contain terminology and concepts specific to industrial sectors, such as energy Malware Vulnerability Industrial ★★★★
AlienVault.webp 2023-01-17 11:00:00 IT/OT convergence and Cybersecurity best practices (lien direct) The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Most of the time, the advantages of technology overshadow the recognition of challenges. IT/OT convergence has given a boost to the industry, there are many cybersecurity considerations. Due to a lack of legislation, best practices are filling the void. This article will give an overview of industrial cybersecurity best practices. According to a survey presented by Veracode in 2022, more than 75% of all software applications have security flaws that can serve as a gateway to larger environments. With the spread of industrial IT (Information Technology) / OT (Operational Technology) integration, it means that almost every infrastructure is in possible danger of cyberattacks.  The two sides of the IT/OT convergence coin Industrial IT/OT convergence has been accelerated by the advantages it offers to the sector. These advantages have made production faster, cheaper, and more automated. The convergence has been advancing at such a pace that the flipside of its use has never been given serious thought until recently. With the obvious advantages, challenges have surfaced as well. The need for a comprehensive solution has already appeared in recent years, but until this day, best practices are routine. Best practices for IT/OT converged environment During the years of broad-scale IT/OT implementation, operational and cybersecurity experience has been gathered. This serves as the basis for industrial best practices and their practical implementation, which ranges from recommendations to practical steps. Regulations. Industrial regulations and legislation should set standards. 
Though there are some governmental initiatives – like Executive Order 14028 – for building an overall framework, the bottom-to-top need has already surfaced. CIS Controls (Critical Security Controls) Version 8 is one of those comprehensive cybersecurity bottom-to-top frameworks that are the most often referred to by legal, regulatory, and policy bodies. CIS has been developed by the global IT community to set up practical cybersecurity measures. Each version is an evolution of the previous, so it is constantly evolving as practice, and technological advancement require it. Zero Trust. In every critical infrastructure, the basic approach should be the “zero trust principle.” According to this notion, entering data, and exiting data, users, and context should be treated with the highest distrust. Risk-based approach. It is a strategy that assesses hardware and software status to prevent cybersecurity risks and mitigate possible consequences of a breach. The process has several compliance points. These include device version and patching date checkup, finding security and safety issues, and revealing the exploitation history of applied devices. The strategy is only effective if it is completed with constant threat monitoring. In this case, operators are aware of system vulnerabilities if there is no or a delayed system update. Vulnerability Threat Patching Industrial ★★★★
The_Hackers_News.webp 2023-01-16 16:17:00 CISA Warns for Flaws Affecting Industrial Control Systems from Major Manufacturers (lien direct) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released several Industrial Control Systems (ICS) advisories warning of critical security flaws affecting products from Sewio, InHand Networks, Sauter Controls, and Siemens. The most severe of the flaws relate to Sewio's RTLS Studio, which could be exploited by an attacker to "obtain unauthorized access to the server, alter Industrial ★★★
SecurityWeek.webp 2023-01-16 11:14:57 Cybersecurity Experts Cast Doubt on Hackers' ICS Ransomware Claims (lien direct) A hacktivist group has made bold claims regarding an attack on an industrial control system (ICS) device, but industry professionals have questioned their claims. Ransomware Industrial ★★
Anomali.webp 2023-01-05 05:50:00 Focusing on Your Adversary (lien direct) Every day, we hear news stories or read articles about data breaches and other cyber security threats. As malicious threat actors and the risk of cyber threats increase, protecting networks and valuable information becomes more critical. So what can organizations do to ensure their networks remain secure?  Organizations must understand their adversaries’ identities to keep data safe and protect it from cyber-attacks. This article will explore the different types of threats facing enterprise organizations and what they can do to stay ahead of them. Evolving Cyber Attacks Cyber attacks are constantly evolving as attackers continue to find new ways to exploit vulnerabilities. This includes: Increased use of artificial intelligence (AI) and machine learning: Attackers are using AI and machine learning to automate and improve the effectiveness of their attacks. For example, AI can be used to generate convincing phishing emails or to bypass security systems. Rise of ransomware: Ransomware attacks, which involve encrypting a victim’s data and demanding a ransom to decrypt it, have become increasingly common in recent years. Ransomware attacks can significantly impact businesses, disrupting operations and resulting in financial losses. More targeted attacks: Rather than broad-based attacks that aim to compromise as many systems as possible, attackers are increasingly using targeted attacks designed to exploit a particular organization’s vulnerabilities. Increased focus on mobile devices: Mobile devices, such as smartphones and tablets, are becoming increasingly vulnerable to cyber-attacks. As a result, attackers focus more on exploiting these devices’ vulnerabilities. Increased use of cloud services: As more organizations move to the cloud, attackers are finding new ways to exploit vulnerabilities in these systems. 
For example, attackers may try to gain access to an organization’s cloud-based data or disrupt its cloud-based operations. It’s not only crucial for organizations to stay up-to-date on the latest trends in cyber attacks and to implement appropriate security measures to protect against them. It’s even more important to pinpoint your adversaries to understand their TTPs to protect and predict their next attack. Types of Adversaries There are many different types of cybersecurity adversaries that organizations have to deal with. Some common types of adversaries include: Hackers: Individuals or groups who attempt to gain unauthorized access to systems or networks for various reasons, such as stealing data, disrupting operations, or causing damage. Cybercriminals: Individuals or groups who use the internet to commit crimes, such as identity theft, fraud, or extortion. Cyber Terrorists: A group that’s goal is to disrupt operations, cause harm, and destroy data. Increasingly targeting critical infrastructures such as power plants, water treatment facilities, transportation systems, and healthcare providers. Nation-state actors: Governments or government-sponsored organizations that use cyber attacks as part of their foreign policy or military operations. Insider threats: Individuals with legitimate access to an organization’s systems or networks use that access to cause harm or steal sensitive information. Malicious insiders: These are individuals who are intentionally malicious and seek to cause harm to an organization’s systems or networks. Hacktivists: The term “hacktivists” refers to people who use hacking techniques to disrupt computer systems and networks in pursuit of political goals. Hackers often work alone, though some groups do exist. Script Kiddies: Originally used to describe young hackers, it now refer Ransomware Malware Tool Vulnerability Threat Industrial Prediction ★★★
TrendMicro.webp 2023-01-05 00:00:00 Why Data Hygiene is Key to Industrial Cybersecurity (lien direct) How can highly distributed organizations with complex, integrated supply chains defend against cyber threats? By practicing good data hygiene based on zero-trust principles. Industrial ★★
AlienVault.webp 2023-01-03 11:00:00 Five reasons why Cybersecurity training is important in 2023 (lien direct) The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  The digital world is ever-expanding in scope and influence, both in personal and professional matters. In the last few years, business operations have become increasingly dependent on technology, and on employees to use that technology safely. While remote and mobile work have been necessary and useful, they also open the door for cybercriminals to take advantage of lax security measures and employees’ ignorance of best practices.  So long as companies are carrying out some or all of their affairs in the digital realm, cybersecurity is easily as important as physical security. As one cybersecurity awareness training guide puts it: “if businesses are to thrive in the Fourth Industrial Revolution, security needs to be not only top of mind, but a fluent language.” Some of the most pressing reasons for cybersecurity training are detailed below.  1. Compliance with regulations There are many areas of business operations which are governed by legal or regulatory oversight to protect against various risks inherent to digital activities. These include HIPAA, which outlines rules regarding private health information, PCI SSC, which seeks to strengthen payment account security, and GDPR, which regulates general data privacy. Complying with these regulations is necessary for several reasons, although the dominant motivator for compliance is that the organizations can and will impose fines on businesses that fail to meet standards. It has often been said that a business is only as strong as its weakest link, and nowhere is this truer than in the world of data security. 
Any one employee can be a liability when it comes to the practices that an enterprise puts in place to protect consumer data as well as their own. When compliance is mandated and the threat of fines is looming, companies must ensure that all of their employees are properly trained and informed on the regulations in place. 2. Protecting enterprise assets Aside from wanting to avoid fines, however, businesses should still attempt to meet these regulatory standards for their own good. While meeting the bare minimum of compliance standards will keep a company out of hot water with regulatory boards, it will not necessarily protect the company itself. According to one report from IBM, the average cost of a data breach is 4.35 million USD. Ensuring that employees are trained in cybersecurity awareness greatly decreases the risk of a data breach occurring, as well as ensuring that employees know how to respond in the event that there is an attack targeting the company’s data.  3. Protecting consumer data Ostensibly protected by the aforementioned regulatory standards, consumer data is still at a huge risk of being obtained, stolen, or leveraged by cybercriminals. An attack that only targets a company’s internal data is dangerous to the company, but an attack that targets consumer data can have far-reaching consequences that affect thousands or millions of people. The responsibility for password complexity and variation, device and website privacy settings, and the amount of data shared can be at least partially placed upon the consumer’s shoulders. But the company must have its own measures in place as well to protect against attacks on customer data.  Thorough and effective cybersecurity awareness training will reduce the chances of employee error l Data Breach Threat Guideline Industrial Prediction ★★★
Trend.webp 2022-12-26 00:00:00 CISO's Challenges Involved with Business Leader & SOC (lien direct) Yohei Ishihara, IoT security evangelist at Trend Micro, discussed the challenges CISOs are facing within organizations driving industrial IoT. Industrial Prediction ★★
ANSSI.webp 2022-12-21 16:46:50 TRUSTED CLOUD: NEW SUPPORT SCHEME FOR OBTAINING THE SECNUMCLOUD SECURITY VISA, AIMED AT OUR STARTUPS AND SMEs (lien direct) Announced on 12 September 2022 in Strasbourg, during a visit by Bruno Le Maire, Minister of the Economy, Finance and Industrial and Digital Sovereignty, and Jean-Noël Barrot, this measure is now being implemented. Industrial ★★★
Fortinet.webp 2022-12-19 16:06:00 Applying a Zero Trust Mindset to Securing Industrial Control Systems (lien direct) Learn from multiple CISOs about the zero-trust mindset necessary across OT and IT to secure modern and legacy solutions while supporting remote access and protecting resources within a network boundary. Industrial ★★
CSO.webp 2022-12-14 02:00:00 Clear and present danger-report highlights serious cybersecurity issues with US defense contractors (lien direct) When a company engages in business with a government, especially with the defense sector of that government, one should expect that security surrounding the engagement would be a serious endeavor. A recent report offered up by CyberSheath throws cold water on that assumption-indeed, DEFENSELESS - A statistical report on the state of cybersecurity maturity across the defense industrial base (DIB) should embarrass the sector and begs the question: why are some companies still allowed to do business with the government at all? The CyberSheath report, conducted by Merrill research, surveyed 300 US members of the DIB and judged their results as having a 95% probability of being accurate. Which should give everyone pause, as the results are startling. Industrial ★★★
CVE.webp 2022-12-13 22:15:09 CVE-2022-2660 (lien direct) Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a hard-coded cryptographic key which could allow an attacker to decrypt sensitive data and compromise the machine. Industrial
CVE.webp 2022-12-13 16:15:21 CVE-2022-33238 (lien direct) Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Industrial
CVE.webp 2022-12-13 16:15:21 CVE-2022-33268 (lien direct) Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Industrial
CVE.webp 2022-12-13 16:15:21 CVE-2022-33235 (lien direct) Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Industrial
CVE.webp 2022-12-13 16:15:18 CVE-2022-25692 (lien direct) Denial of service in Modem due to reachable assertion while processing the common config procedure in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables Industrial
CVE.webp 2022-12-13 16:15:18 CVE-2022-25685 (lien direct) Denial of service in Modem module due to improper authorization while error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables Industrial
CVE.webp 2022-12-13 16:15:18 CVE-2022-25682 (lien direct) Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Industrial
CVE.webp 2022-12-13 16:15:18 CVE-2022-25702 (lien direct) Denial of service in modem due to reachable assertion while processing reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables Industrial
CVE.webp 2022-12-13 16:15:18 CVE-2022-25695 (lien direct) Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Industrial
CVE.webp 2022-12-13 16:15:18 CVE-2022-25711 (lien direct) Memory corruption in camera due to improper validation of array index in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables Industrial
CVE.webp 2022-12-13 16:15:17 CVE-2022-25677 (lien direct) Memory corruption in diag due to use after free while processing dci packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Industrial
CVE.webp 2022-12-13 16:15:17 CVE-2022-25675 (lien direct) Denial of service due to reachable assertion in modem while processing filter rule from application client in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile Industrial
CVE.webp 2022-12-13 16:15:17 CVE-2022-25681 (lien direct) Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation caches in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile Industrial
Nozomi.webp 2022-12-13 07:40:10 OT Cybersecurity in 2023: Time to Show the Receipts (lien direct) There has been public broad realization that operations which tolerate little to no physical downtime-including critical infrastructure, industrial sectors and hyperconnected facilities-are lucrative targets for cyberattacks. A decade ago, intrusion and anomaly detection tools for operational technology (OT) and industrial control systems (ICS) were in their infancy. Today, the market is expanding and maturing in […] Industrial ★★★
Dragos.webp 2022-12-12 16:50:32 (Déjà vu) 2nd Annual DISC 2022 Capture the Flag (CTF) Event a Success! (lien direct) The Dragos Industrial Security Conference (DISC) is an annual event celebrated on November 5th that provides attendees with some of... Industrial ★★★
SecurityWeek.webp 2022-12-08 15:20:51 WAFs of Several Major Vendors Bypassed With Generic Attack Method (lien direct) Researchers at industrial and IoT cybersecurity firm Claroty have identified a generic method for bypassing the web application firewalls (WAFs) of several major vendors. Industrial ★★
Dragos.webp 2022-12-07 13:00:00 Unify IT & OT Cybersecurity for A More Secure, Resilient Industrial Network with Dragos and Cisco (lien direct) Cybersecurity is a key component of modernization and regulatory requirements for digital transformation efforts, as cyber threats have become a... Industrial ★★★
globalsecuritymag.webp 2022-12-07 08:44:13 Nokia and GlobalData market research reveals private wireless enterprise drivers and return on investment data (lien direct) Nokia and GlobalData market research reveals private wireless enterprise drivers and return on investment data • Results from new Nokia and GlobalData survey find cybersecurity and business efficiency are key transformation drivers for early private wireless adopters • Decision makers surveyed at 79 multinationals reveal high confidence in the technology with many having adopted or planning to adopt private wireless networks and industrial edge solutions • Nearly 80 percent of survey respondents expected to achieve ROI within six months of deployment • Benefits of an integrated approach to digitalization are broadly recognized, working with market leaders that offer a wide array of industry solutions - Special Reports Guideline Industrial ★★
globalsecuritymag.webp 2022-12-05 14:01:54 Kaspersky predicts changes in the threat landscape for industrial control systems in 2023 (lien direct) Researchers at Kaspersky's ICS CERT have shared their predictions about the developments and risks concerning industrial control systems that organizations should prepare for in 2023. Among these predictions, Kaspersky's experts expect an increase in the attack surface due to digitization, activities by volunteer and cybercriminal insiders, ransomware attacks targeting critical infrastructure, as well as technical, economic and geopolitical effects on threat detection capabilities and an increase in the potential vulnerabilities exploited by malicious actors. - Opinions Ransomware Industrial ★★★★
The_Hackers_News.webp 2022-12-02 08:32:00 CISA Warns of Multiple Critical Vulnerabilities Affecting Mitsubishi Electric PLCs (lien direct) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week released an Industrial Control Systems (ICS) advisory warning of multiple vulnerabilities in Mitsubishi Electric GX Works3 engineering software. "Successful exploitation of these vulnerabilities could allow unauthorized users to gain access to the MELSEC iQ-R/F/L series CPU modules and the MELSEC iQ-R series OPC UA server Industrial ★★
GoogleSec.webp 2022-10-11 19:22:42 Google Pixel 7 and Pixel 7 Pro: The next evolution in mobile security (lien direct) Dave Kleidermacher, Jesse Seed, Brandon Barbello, Sherif Hanna, Eugene Liderman, Android, Pixel, and Silicon Security Teams Every day, billions of people around the world trust Google products to enrich their lives and provide helpful features – across mobile devices, smart home devices, health and fitness devices, and more. We keep more people safe online than anyone else in the world, with products that are secure by default, private by design and that put you in control. As our advancements in knowledge and computing grow to deliver more help across contexts, locations and languages, our unwavering commitment to protecting your information remains. That's why Pixel phones are designed from the ground up to help protect you and your sensitive data while keeping you in control. We're taking our industry-leading approach to security and privacy to the next level with Google Pixel 7 and Pixel 7 Pro, our most secure and private phones yet, which were recently recognized as the highest rated for security when tested among other smartphones by a third-party global research firm. Pixel phones also get better every few months with Feature Drops that provide the latest product updates, tips and tricks from Google. And Pixel 7 and Pixel 7 Pro users will receive at least five years of security updates, so your Pixel gets even more secure over time. Your protection, built into Pixel. Your digital life and most sensitive information lives on your phone: financial information, passwords, personal data, photos – you name it. With Google Tensor G2 and our custom Titan M2 security chip, Pixel 7 and Pixel 7 Pro have multiple layers of hardware security to help keep you and your personal information safe.
We take a comprehensive, end-to-end approach to security with verifiable protections at each layer - the network, application, operating system and multiple layers on the silicon itself. If you use Pixel for your business, this approach helps protect your company data, too. Google Tensor G2 is Pixel's newest powerful processor custom built with Google AI, and makes Pixel 7 faster, more efficient and secure3. Every aspect of Tensor G2 was designed to improve Pixel's performance and efficiency for great battery life, amazing photos and videos. Tensor's built-in security core works with our Titan M2 security chip to keep your personal information, PINs and passwords safe. Titan family chips are also used to protect Google Cloud data centers and Chromebooks, so the same hardware that protects Google servers also secures your sensitive information stored on Pixel. And, in a first for Google, Titan M2 hardware has now been certified under Common Criteria PP0084: the international gold standard for hardware security components also used for identity, SIM cards, and bankcard security chips. Spam Malware Vulnerability Guideline Industrial APT 40
Kaspersky.webp 2022-08-30 16:00:43 Watering Hole Attacks Push ScanBox Keylogger (lien direct) Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool. Industrial APT 40
Mandiant.webp 2022-07-26 06:00:00 Mandiant Red Team Emulates FIN11 Tactics To Control Operational Technology Servers (lien direct) During the last couple of years, ransomware incidents have impacted thousands of industrial and critical infrastructure organizations. In some cases, Mandiant has observed how these intrusions disrupt industrial production chains and operational workflows as a method to incentivize the payment of ransoms. Although in most cases victims have suffered damages exclusively restricted to enterprise systems, this does not mean that operational technology (OT) systems are not at risk. The nature of OT technology and the challenges of defending it means that many OT networks have security gaps that Ransomware Industrial ★★★
TroyHunt.webp 2022-06-30 13:49:56 China lured graduate jobseekers into digital espionage (lien direct) Student translators were targeted by front company for Beijing-backed hacking group APT40. Industrial APT 40
Mandiant.webp 2022-04-13 15:30:00 INCONTROLLER: New State-Sponsored Cyber Attack Tools Target Multiple Industrial Control Systems (lien direct) In early 2022, Mandiant, in partnership with Schneider Electric, analyzed a set of novel industrial control system (ICS)-oriented attack tools, which we call INCONTROLLER (aka PIPEDREAM), built to target machine automation devices. The tools can interact with specific industrial equipment embedded in different types of machinery leveraged across multiple industries. While the targeting of any operational environments using this toolset is unclear, the malware poses a critical risk to organizations leveraging the targeted equipment. INCONTROLLER is very likely state sponsored and contains Malware Tool Industrial ★★★★
Last update at: 2024-05-11 21:08:04