ICS/SCADA

Disclosures of vulnerabilities to critical infrastructure up 41% in new report

Stephen WeigandAugust 18, 2021

The disclosure of industrial control vulnerabilities jumped by 41% in the first half of the year as high-profile ransomware attacks against critical infrastructure have grabbed headlines.

Co-founder and CEO at Cloudflare Matthew Prince shares the stage with venture capital leaders at TechCrunch Disrupt Berlin 2019. Cloud is among the factors influencing massive investments in the cybersecurity space during 2020. (Photo by Noam Galai/Getty Images for TechCrunch)

Security Strategy, Plan, Budget

As cyber funds continue to surge, founders must contemplate where to grab their millions

Jill AitoroAugust 11, 2021

As funding divvied to cyber startups continues to explode, founders face a new dilemma: When and from whom do they accept the millions of dollars?

The Mitre building is seen in McLean, Va., in 2017. (Antony-22, CC BY-SA 4.0 , via Wikimedia Commons)

ICS/SCADA

ICS security evaluations may help improve detection of subtle attack clues

SC StaffJuly 19, 2021

For its first-ever industrial controls cyber solution assessment, Mitre tested vendor solutions against Triton malware.

Critical Infrastructure Security

Major authentication and encryption weaknesses discovered in Schneider Electric, outdated ICS systems

Derek B. JohnsonJuly 13, 2021

The attack pairs a new vulnerability with older flaws that can be leveraged in new ways to attack a popular controller used across critical infrastructure sectors.

The Cybersecurity and Infrastructure Security Agency is particularly concerned that recently disclosed vulnerabilities in Microsoft Exchange servers will become a locus of ransomware activity. (Photo by Drew Angerer/Getty Images)

Security Architecture

Microsoft acquires firmware analysis company ReFirm, eying edge IoT security

Joe UchillJune 2, 2021

ReFirm provides drag-and-drop automated firmware analysis, which Microsoft hopes will provide security insight for industrial IoT products, where security personnel often struggle to look inside built-in hardware.

An aerial view of a wastewater treatment plant in California.The attempted attack of the water supply in Oldsmar, Fla., was a wake-up call for government agencies. Today’s columnist, John Evans of World Wide Technology, says governments and all organizations need to take a more strategic look at threat modeling to mitigate increased cyberattacks. (...

Application security

How Florida water attack investigators avoided an embarrassing misattribution

Bradley BarthMay 27, 2021

Dragos limited initial disclosure to only relevant parties, after discovering a watering-hole malware attack that later turned out to be unrelated.

Hackers are increasingly using low sophisticated tactics to target OT systems, which are typically used across critical infrastructure sectors. (Rob Campbell from Toronto, ON, Canada, CC BY 2.0 , via Wikimedia Commons)

Security Architecture

Low sophistication OT breaches on the rise, with hackers learning from easy wins

Joe UchillMay 25, 2021

Hackers with minimal experience and technical expertise are increasingly targeting industrial networks, driving a new wave of low sophistication OT breaches that researchers tell SC Media is a strong learning opportunity for criminals.

ICS/SCADA

Disclosures of vulnerabilities to critical infrastructure up 41% in new report

As cyber funds continue to surge, founders must contemplate where to grab their millions

ICS security evaluations may help improve detection of subtle attack clues

Major authentication and encryption weaknesses discovered in Schneider Electric, outdated ICS systems

Microsoft acquires firmware analysis company ReFirm, eying edge IoT security

How Florida water attack investigators avoided an embarrassing misattribution

Low sophistication OT breaches on the rise, with hackers learning from easy wins

Fast Five

Selected by the SC Media Editorial team every Tuesday.