The Urgent/11 vulnerabilities confirmed to impact other RTOS, which means more industrial and medical devices are affected than previously thought. [Read More]
SecurityWeek will offer an Advanced ICS/SCADA Hacking Training program at its 2019 Industrial Control Systems (ICS) Cyber Security Conference in Atlanta. [Read More]
Tridium Niagara products are affected by a couple of vulnerabilities in BlackBerry QNX, including one that could allow an attacker to access sensitive information. [Read More]
A new report from the United States Government Accountability Office (GAO) shows that the Department of Energy (DOE) has yet to fully analyze the electric grid cybersecurity risks. [Read More]
Critical infrastructure and other organizations are increasingly at risk of being targeted in attacks involving RDP and disruptive ransomware. [Read More]
Kaspersky announces the ICS Vulnerabilities Database, a new service that provides information on vulnerabilities in ICS/IIoT products and ICS threat signatures. [Read More]
Drone strikes on Saudi oil infrastructure highlights the easy vulnerability of such facilities even as the kingdom has splurged billions on sophisticated defense hardware. [Read More]
The Secure Development Lifecycle (SDL) process is still notable by its absence in many new deployments of Industrial Internet of Things (IIoT) technologies.
The next year will surprise all of us in at least one way or another. How we deal with these surprises, both individually and collectively, will, in the end, define the next twelve months.
Against the ongoing backdrop of cyber conflict between nation states and escalating warnings from the Department of Homeland Security, critical infrastructure is becoming a central target for threat actors.
From a communications and technical standpoint, the Onslow Water and Sewer Authority (ONWASA) turned a malicious cyber incident into a strong success story on many fronts.
It pays to be ahead of regulators, because if you’re aiming to be truly secure then you’ll already be meeting many of the key requirements of any local law.
The most successful organizations will be the ones that look at cyber risk holistically and build bridges between the IT, OT, and Security organizations.
Concerns about endpoint security in industrial environments, especially among OT personnel, are being driven by the demise of the traditional air gapping of OT infrastructures.