Security Experts:

SCADA / ICS
long dotted

NEWS & INDUSTRY UPDATES

Researcher finds over 100 vulnerabilities in building management and access control systems from four vendors. The flaws expose many buildings to attacks, including famous monuments and major organizations. [Read More]
NIST’s National Cybersecurity Center of Excellence (NCCoE) is working on an industrial IoT (IIoT) security project for the energy sector. [Read More]
GandCrab, once known as a consumer-targeting ransomware, is increasingly being used in attacks against business organizations [Read More]
Several vulnerabilities discovered by a researcher in GE software used for power meters, including hardcoded credentials and privilege escalation flaws. [Read More]
The TSA doesn't have a strategic workforce plan to help ensure it identifies the skills and competencies—such as the required level of cybersecurity expertise—necessary to carry out its pipeline security responsibilities, a GAO report shows. [Read More]
A denial-of-service (DoS) attack has been blamed for disrupting US electrical grid operations in the Western region. [Read More]
Two vulnerabilities discovered by CyberX and Nozomi in Rockwell Automation controllers expose devices to DoS attacks. [Read More]
Cisco Talos researchers find nearly a dozen vulnerabilities in Sierra Wireless AirLink gateways and routers, including serious flaws that can be exploited to change system settings, execute arbitrary code, and modify passwords. [Read More]
NIST updates its ACTS toolkit to help developers of safety-critical applications, such as the ones powering aircraft and nuclear power plants, find errors and make their software safer. [Read More]
Swiss-based special-purpose vehicle maker Aebi Schmidt confirms being hit by a piece of malware and says the incident may result in disruptions to business operations. [Read More]

FEATURES, INSIGHTS // SCADA / ICS

rss icon

Laurence Pitt's picture
By working together, IT and OT teams can ensure better security across the whole enterprise environment and that can only be good for business.
Seema Haji's picture
As industrial environments become more complex, data-type and data-source agnostic technologies need to be employed. Both IT and OT teams should be able to quickly access and analyze all data relevant to their needs.
Seema Haji's picture
With the new year underway, it’s time for CISOs to see their security resolutions through from the factory floor, SOCs and across the entire enterprise.
Jalal Bouhdada's picture
The Secure Development Lifecycle (SDL) process is still notable by its absence in many new deployments of Industrial Internet of Things (IIoT) technologies.
Galina Antova's picture
The next year will surprise all of us in at least one way or another. How we deal with these surprises, both individually and collectively, will, in the end, define the next twelve months.
Justin Fier's picture
Against the ongoing backdrop of cyber conflict between nation states and escalating warnings from the Department of Homeland Security, critical infrastructure is becoming a central target for threat actors.
Jalal Bouhdada's picture
In the event of a cybersecurity incident in an industrial environment, you should follow a well-established seven step response process.
Galina Antova's picture
From a communications and technical standpoint, the Onslow Water and Sewer Authority (ONWASA) turned a malicious cyber incident into a strong success story on many fronts.
Justin Fier's picture
The rapid shift toward hyper-connected “smart” ports is rendering physical harbors susceptible to traditionally digital threats.
Barak Perelman's picture
Many organizations with OT networks face a massive challenge to maintain operational efficiency and improve network security at the same time.