Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Remote hackers can use hardcoded credentials to reconfigure or disrupt the functionality of SICK MSC800 controllers. [Read More]
Swiss industrial tech company ABB has patched a dozen vulnerabilities, including serious issues, in some of its HMI products. [Read More]
Several vulnerabilities affecting the Phoenix Contact Automationworx automation software suite can be exploited for remote code execution using specially crafted project files. [Read More]
Indegy announces general availability of CIRRUS, an industrial cybersecurity-as-a-service (ICSaaS) offering. [Read More]
The Kremlin on Tuesday said Moscow had been the victim of US cyberattacks "for years" following a New York Times report that Washington is stepping up digital incursions into Russia's power grid. [Read More]
The New York Times reports that the US has planted potentially destructive malware in Russia’s power grid, but President Trump says the story is not true and calls it a “virtual act of treason.” [Read More]
Xenotime, the threat actor behind the 2017 Trisis/Triton malware attack, is now targeting — in addition to oil and gas organizations — electric utilities in the United States and the APAC region. [Read More]
Several serious vulnerabilities have been found by a researcher in WAGO 852 industrial managed switches. [Read More]
Organizations have been investing more in ICS cyber security and the results are showing, but many still rate their overall risk profile as severe or high, according to the SANS 2019 State of OT/ICS Cybersecurity Report. [Read More]
An open source tool named Kamerka allows users to generate a map of Internet-exposed ICS devices in a specified country and link results to Google Street View. [Read More]
FEATURES, INSIGHTS // SCADA / ICS
The risk created by the proliferation of industrial IoT (IIoT) is rising, thanks to the continued mismanagement of third-party involvement in sensitive industrial environments.
Examining the Triton attack toolkit and methodology behind it offers industrial manufacturers and OEMs, plant safety teams and IT/OT teams more insight into what they need to do to get ahead of hardening their networks
Smart IoT devices in industrial settings, such as energy, oil/gas and manufacturing, have shifted the perspective on OT environments from being reactive to proactive and predict failures.
We’ve seen the discussion moving away from an active vs. passive debate to one seeking a more balanced approach that integrates the right mix of detection technologies.
Just as internet security was a relative unknown concern 20 years ago, public awareness of threats to the electric grid, water supplies, etc. is mounting
By working together, IT and OT teams can ensure better security across the whole enterprise environment and that can only be good for business.
As industrial environments become more complex, data-type and data-source agnostic technologies need to be employed. Both IT and OT teams should be able to quickly access and analyze all data relevant to their needs.
With the new year underway, it’s time for CISOs to see their security resolutions through from the factory floor, SOCs and across the entire enterprise.
The Secure Development Lifecycle (SDL) process is still notable by its absence in many new deployments of Industrial Internet of Things (IIoT) technologies.
The next year will surprise all of us in at least one way or another. How we deal with these surprises, both individually and collectively, will, in the end, define the next twelve months.
SecurityWeek Daily Briefing
- Iowa Grocery Chain Investigating Possible Hack of Payment Processing Systems
- Apple Sues Corellium Over Security Research Tool
- Uganda Slams Report Huawei Helped Spy on Opposition Leader
- Many Users Don't Change Unsafe Passwords After Being Warned: Google
- Sherlock in the SOC: Leveraging Security Knowledge in a Behavior-Based Approach
- Cybersecurity Has Become a Political Issue for Americans, Survey Shows
- Many Apache Struts Security Advisories Updated Following Review
- ECB Uncovers Data Breach in Bank Newsletter
- Vulnerability Patched in Firefox Password Manager
- Intel Patches High-Severity Flaws in Tools, NUC Firmware
Copyright © 2019 Wired Business Media. All Rights Reserved. Privacy Policy