Security Experts:

long dotted


The latest power outages in Ukraine may have been caused by a cyberattack, according to the national energy company Ukrenergo [Read More]
Kaspersky Lab shared details of a targeted attack campaign against industrial organizations that began in late summer and is still ongoing. [Read More]
Flaws found by a researcher can be exploited to remotely hack Moxa’s MiiNePort embedded serial device servers [Read More]
Institutionalizing cybersecurity, reducing complexity, active defenses and transformative research are key to reducing cyber risk at nuclear facilities [Read More]
ICS-CERT disclosed many critical and high severity vulnerabilities affecting products from Moxa, Siemens, Mitsubishi Electric and Advantech [Read More]
Several vulnerabilities have been discovered in Emerson’s DeltaV and Liebert products [Read More]
A big rise in drone use is likely to lead to a new wave of "dronejackings" by cybercriminals, Intel's McAfee Labs warned Tuesday. [Read More]
Siemens releases firmware updates to patch several vulnerabilities in SIMATIC communications processors and controllers [Read More]
Critical and high severity flaws have been found in surveillance products from Moxa and Vanderbilt (Siemens-branded) [Read More]
Critical flaws have been found in Lynxspring’s JENEsys BAS Bridge. The product is no longer supported, but it’s still used [Read More]


rss icon

Nate Kube's picture
Since the ratification of IEC 62443, updates to this international industrial controls standard have been published to move systems integration work forward.
Eduard Kovacs's picture
US intel chief warns that Russian hackers have been targeting critical infrastructure ICS. Security experts say the threat is real.
Nate Kube's picture
Manufacturing supply chains are vital to the development and fulfillment of any modern technology—they change rapidly and locations of suppliers change. This dynamic nature of the supply chain exposes enterprises to a wide variety of risks.
Nate Kube's picture
I would like the OT security community to move away from asking what can we do to gain greater adoption of a greenfield IT security model and instead ask how we can gain demonstrable gains in OT security posture more efficiently.
Torsten George's picture
The NIST Cybersecurity Framework is a good first step towards creating a standardized approach to cyber security, but requires many substantial updates before really improving our nation’s cyber resilience.
Marc Solomon's picture
The energy sector requires an approach to cybersecurity that doesn’t rely exclusively on air gaps or point-in-time detection tools but addresses the full attack continuum – before, during, and after an attack.
Mark Hatton's picture
Critical infrastructure facilities are under constant attack, and continuously being probed for defensive weaknesses and access points. To complicate matters, facilities often don’t even recognize when they have been probed or if a weakness has been identified for future exploitation.
Danelle Au's picture
Malware targeting SCADA systems from Stuxnet and Flame to Duqu have already shown the vast amounts of knowledge that attackers have on these proprietary control systems and are now available to other attackers to leverage.
Marc Solomon's picture
SCADA networks are the most unprotected networks of all and now cyber-criminals have them in their sights. If they get access, the consequences for many organizations, their customers and perhaps the population at large, could be extremely damaging.
Eric Knapp's picture
We’ve all heard about the inherent vulnerabilities of SCADA and ICS systems, yet we continue to focus cyber security on the surrounding IT systems using these traditional IT tools. The solution requires a new security model that addresses the specific challenges of the industrial automated world.