What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-02-14 14:41:00 | Attacks on industrial infrastructure on the rise, defenses struggle to keep up (lien direct) | The last year saw a rise in the sophistication and number of attacks targeting industrial infrastructure, including the discovery of a modular malware toolkit that's capable of targeting tens of thousands of industrial control systems (ICS) across different industry verticals. At the same time, incident response engagements by industrial cybersecurity firm Dragos showed that 80% of impacted environments lacked visibility into ICS traffic and half had network segmentation issues and uncontrolled external connections into their OT networks."A number of the threats that Dragos tracks may evolve their disruptive and destructive capabilities in the future because adversaries often do extensive research and development (R&D) and build their programs and campaigns over time," the Dragos researchers said in a newly released annual report. "This R&D informs their future campaigns and ultimately increases their disruptive capabilities."To read this article in full, please click here | Malware Industrial | ★★ | |
|
2023-02-10 10:45:00 | Flaws in industrial wireless IoT solutions can give attackers deep access into OT networks (lien direct) | It's common for operational technology (OT) teams to connect industrial control systems (ICS) to remote control and monitoring centers via wireless and cellular solutions that sometimes come with vendor-run, cloud-based management interfaces. These connectivity solutions, also referred to as industrial wireless IoT devices, increase the attack surface of OT networks and can provide remote attackers with a shortcut into previously segmented network segments that contain critical controllers.Industrial cybersecurity firm Otorio released a report this week highlighting the attack vectors these devices are susceptible to along with vulnerabilities the company's researchers found in several such products. "Industrial wireless IoT devices and their cloud-based management platforms are attractive targets to attackers looking for an initial foothold in industrial environments," the Otorio researchers said in their report. "This is due to the minimal requirements for exploitation and potential impact."To read this article in full, please click here | Industrial | ★★★ | |
|
2023-01-19 12:48:00 | BrandPost: Securing Critical Infrastructure with Zero Trust (lien direct) | Critical infrastructure forms the fabric of our society, providing power for our homes and businesses, fuel for our vehicles, and medical services that preserve human health.With the acceleration of digital transformation spurred by the pandemic, larger and larger volumes of critical infrastructure and services have become increasingly connected. Operational technology (OT) serves a critical role as sensors in power plants, water treatment facilities, and a broad range of industrial environments.Digital transformation has also led to a growing convergence between OT and information technology (IT). All of this connection brings accessibility benefits, but it also introduces a host of potential security risks.To read this article in full, please click here | Industrial Medical | ★ | |
|
2023-01-19 10:01:00 | Many ICS flaws remain unpatched as attacks against critical infrastructure rise (lien direct) | Patching vulnerabilities in industrial environments has always been challenging due to interoperability concerns, strict uptime requirements, and sometimes the age of devices. According to a recent analysis, a third of vulnerabilities don't even have patches or remediations available.Out of 926 CVEs -- unique vulnerability identifiers -- that were included in ICS advisories from the US Cybersecurity and Infrastructure Security Agency (CISA) during the second half of 2022, 35% had no patch or remediation available from the vendor, according to an analysis by SynSaber, a security company that specializes in industrial asset and network monitoring.To read this article in full, please click here | Vulnerability Industrial | ★★★ | |
|
2022-12-14 02:00:00 | Clear and present danger-report highlights serious cybersecurity issues with US defense contractors (lien direct) | When a company engages in business with a government, especially with the defense sector of that government, one should expect that security surrounding the engagement would be a serious endeavor. A recent report offered up by CyberSheath throws cold water on that assumption-indeed, DEFENSELESS - A statistical report on the state of cybersecurity maturity across the defense industrial base (DIB) should embarrass the sector and begs the question: why are some companies still allowed to do business with the government at all?The CyberSheath report, conducted by Merrill research, surveyed 300 US members of the DIB and judged their results as having a 95% probability of being accurate. Which should give everyone pause, as the results are startling.To read this article in full, please click here | Industrial | ★★★ |
1
We have: 5 articles.
We have: 5 articles.
To see everything:
Our RSS (filtrered)
