Two U.S. committees have called upon the Department of Energy (DOE) for all documents and communications related to… The post
Industrial Control Systems
ICS news
Multiple Ransomware Attacks on Artillery Contractors
The Defense Armaments Agency announced today that production of 155mm artillery shells at Blackshear Arsenal in Georgia has been halted
New CISC document focuses on risk assessment advisory for communications sector
Australia’s Cyber and Infrastructure Security Centre (CISC) published its risk assessment advisory for critical infrastructure for the communications… The post
The need for correct, authenticated pressure measurements for reliability, safety, and cyber security
Correct pressure and other process sensor measurements are necessary for reliability, product quality, maintenance, process safety, and cyber security. These
Latest
Rootpipe Reborn (Part II)
@CodeColorist continues writing about bugs, such as CVE-2019-8521 and CVE-2019-8565 that provide a mechanism to elevate privileges to root on
GAO finds challenges in protecting federal systems and information, calls for increased implementation
The U.S. Government Accountability Office (GAO) proposed three actions related to the challenges faced when it comes to… The post
NIST releases voluntary PNT Profile to mitigate potential impacts of disruption or manipulation
The U.S. National Institute of Standards and Technology (NIST) released on Tuesday a voluntary PNT Profile created by… The post
Recorded Future releases cyber threat analysis covering cybercrime, Russian state, and Ukraine war
Recorded Future reported Tuesday that it remains highly likely that Russian intelligence, military, and law enforcement services have… The post
HC3, AHA warn of pro-Russian KillNet hacktivist group targeting healthcare sector using DDoS attack technique
The U.S. Department of Health & Human Services Health Sector Cybersecurity Coordination Center (HC3) identified in an analyst… The post
JCDC 2023 Planning Agenda to address systemic risk, collective cyber response, high-risk communities
The Joint Cyber Defense Collaborative (JCDC) unveiled its 2023 Planning Agenda focused on working on joint cyber defense… The post
CISA MITRE ATT&CK for ICS focuses on adversarial tactics, techniques disrupting industrial control process
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in coordination with the Homeland Security Systems Engineering and Development… The post
Recorded Future finds that BlueBravo hackers utilize Ambassador Lure to spread GraphicalNeutrino malware
Recorded Future’s Insikt Group detailed BlueBravo threat group that overlaps with Russian advanced persistent threat (APT) activity group… The post
Europol supports global law enforcement agencies to shut down Hive ransomware affiliates
Europol supported the German, Dutch, and U.S. authorities in disrupting and taking down the infrastructure used by Hive… The post
DOJ ‘disrupts’ Hive ransomware group, as FBI infiltrates network and thwarts ransom demands
The U.S. Department of Justice announced Thursday its ‘months-long disruption’ campaign against the Hive ransomware group that has… The post
Liability for Known Vulnerabilities Bill Introduced
Rep Mark Sloan (R,CA) introduced the Liability for Known Vulnerabilities Act today. The bill would make manufacturers of computer controlled
Trend Micro discloses that Vice Society ransomware group targets manufacturing companies
Researchers from Trend Micro disclosed that they have evidence that the Vice Society ransomware group is targeting the… The post
SEABORGIUM, TA453 continue spearphishing attacks against organizations, UK NCSC warns
The U.K.’s National Cyber Security Centre (NCSC) disclosed that Russia-based SEABORGIUM and Iran-based TA453 hacker groups continue to… The post
CISA, NSA, MS-ISAC warn network defenders to protect against malicious use of RMM software
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis… The post
GAO asked to audit national security risks posed by contractors used concurrently by US, Chinese governments
The U.S. Senate Homeland Security and Governmental Affairs Committee have called on the Government Accountability Office (GAO) to… The post
Chinese-backed DragonSpark hackers evade detection with SparkRAT, Golang source code interpretation
SentinelLabs disclosed on Tuesday that it had been monitoring recent attacks against East Asian organizations, tracked as DragonSpark,… The post
Nozomi Arc boosts operational resilience by increasing visibility across endpoint attack surfaces
OT and IoT security company Nozomi Networks announced Tuesday the availability of Nozomi Arc sensors that extend visibility… The post
Hospital Deaths Due to UPS Hack
The Angels Memorial Hospital in Los Angeles announced today that three deaths overnight in their intensive care ward were due
FERC publishes final rule for integrating INSM requirements into CIP reliability standards
The Federal Energy Regulatory Commission (FERC) called upon the North American Electric Reliability Corporation (NERC) to develop new… The post
Ransomware groups will continue to disrupt industrial operations, as ‘outright ban’ on payment plays a role
Industrial cybersecurity vendor Dragos assessed with high confidence that ransomware groups will continue to disrupt industrial operations, whether… The post
Australia rolls out risk assessment advisory for food and grocery sector, as threat landscapes continue to evolve
Close to the heels of its risk assessment advisory for critical infrastructure across the energy sector, Australia’s Cyber… The post