Researchers from DeNexus have discovered around three campaigns in the wild that are adopting the same or matching spear phishing
Industrial Control Systems
ICS news
CDE Reports that Cancer Death Cluster Linked to Cyberattack
This morning the Center for Disease Eradication in Atlanta, GA announced that it had determined that a cancer death cluster
AI technologies could be used in cyberattacks on critical infrastructure, NSCAI warns
The National Security Commission on Artificial Intelligence (NSCAI) revealed in its latest report that the U.S. must act now to
More critical vulnerabilities identified in OPC protocol implementations
Solutions that use the OPC family of protocols are affected by multiple vulnerabilities that could lead to equipment failure, remote
Latest
Hong Kong democracy activists win bid for bail
Four Hong Kong dissidents charged with subversion were let out on bail late Friday after prosecutors at the last minute dropped an appeal
Xage’s Zero Trust Remote Access protects remote access for OT frameworks
Industrial cybersecurity company Xage announced the release its Zero Trust Remote Access technology that secures remote access for operational technology
DHS increases awareness of PNT services used in critical infrastructure
The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) look to increase awareness and security around PNT services

RedEcho
A Recorded Future publikált egy tanulmányt arról, hogy a feltételezhetően kínai állami támogatásúnak tartott APT41 az indiai kritikus infrastruktúrákra milyen
KLCERT-17-029: Authentication bypass in Rockwell Automation Logix controllers
A remote unauthenticated attacker able to bypass a verification mechanism and authenticate with Logix controllers and PLC emulator of RSLogix
Geoengineering Craft Hacked
The Gathmann Balloon Project announced this morning that their first geoengineering study over the Pacific Ocean was halted today when
New DARPA RADICS program helps restore electric grid post cyber attack
The Defense Advanced Research Projects Agency (DARPA) announced that its RADICS program will now develop technology to detect and respond
Claroty finds vulnerability in communications between Rockwell PLCs and engineering stations
The research team at industrial cybersecurity company Claroty have found the presence of a severe vulnerability that affects communications between
Dragos confirms rise in publicly known flaws in systems supporting industrial operations
Researchers at industrial cybersecurity firm Dragos detected a three times rise in security threats in hyperconnected industrial environments, confirming a
Lazarus targets defense industry with ThreatNeedle
In mid-2020, we realized that Lazarus was launching attacks on the defense industry using the ThreatNeedle cluster, an advanced malware
Bombardier suffers cybersecurity attack in isolated IT network
Jet-maker Bombardier confirmed on Wednesday that it had been a victim of a cybersecurity breach on what it described as
Ransomware, ICS incidents rule in 2020, IBM reveals
Ransomware persisted as the top contender in the threat category in 2020, accounting for 23 percent of security incidents, while
Remote exploitation of security vulnerabilities possible in Rockwell, Advantech equipment
Rockwell Automation and Advantech have detected major security vulnerabilities in equipment deployed in the critical infrastructure sectors, which can lead
NARUC says public utilities must focus on better recruiting, retention for cybersecurity
The National Association of Regulatory Utility Commissioners (NARUC) released on Monday a guide that aims to serve as an important
CISA Global aims at international alliance to combat cyber threats
The U.S. has launched an international strategy called CISA Global that joins with international partners to intensify defense against cyber
NIST releases cybersecurity framework for PNT services
The National Institute of Standards and Technology (NIST) released a cybersecurity guidance framework for positioning, navigation and timing (PNT) services.
SolarWinds attack, ransomware led to doubling up of cyber threats in industrial and critical infrastructure
SolarWinds attack proved to be one of the ‘most successful espionage operations ever discovered,’ in addition to highlighting the risks
Kia Motors America confirms systems outage, denies ransomware attack
Kia Motors America (KMA) says that it has seen no evidence of having suffered a ransomware attack, but apologized to
Airbus Cybersecurity strengthens its SOC with OT capabilities
Airbus Cybersecurity has extended its Security Operations Centre (SOC) with OT capabilities, following a pilot project. The company said it
Delano Boil Water Order Due to Water Plant Hack
This morning’s ‘boil water’ order from the Delano Water Maintenance Department was issued because of a cyberattack on the chlorination
Government agencies analyze Oldsmar water plant hack
U.S. security agencies revealed that preliminary information from the Oldsmar water plant hack suggests that the unidentified cyber actors likely