December 13, 2024 at 07:33AM Iran-affiliated hackers have developed IOCONTROL, a custom malware targeting IoT and operational technology systems in Israel and the U.S. It can compromise various devices like cameras and PLCs, enabling attackers to shut down services and steal data. The malware functions via MQTT and employs advanced evasion tactics. **Meeting Takeaways – … Read more
December 13, 2024 at 06:03AM A state-sponsored Iranian hacking group, CyberAv3ngers, has employed custom malware, IOCONTROL, to target IoT and operational technology devices in the U.S. and Israel. This malware exploits vulnerabilities in industrial control systems, leading to significant disruptions. The U.S. government offers a $10 million reward for information on the group. ### Meeting … Read more
November 22, 2024 at 11:53AM Nearly 100 large community water systems in the U.S. possess serious cybersecurity vulnerabilities, risking water supply for 27 million Americans. Despite regulations, financial and resource constraints hinder proper security measures. Cyberattacks from various groups have targeted water systems, emphasizing a critical need for improved investment and security practices in this … Read more
November 13, 2024 at 05:36PM A recent ABI Research survey found that industrial manufacturers prioritize network security for cybersecurity investments due to increasing cyber threats and regulatory pressures. With a projected $2 billion market for cybersecurity solutions in 2024, focus areas include authentication, access control, and threat detection to mitigate risks from cyber events. ### … Read more
October 28, 2024 at 07:26AM Operational Technology (OT) security is crucial for marine vessels and port operators, as digitalization leads to new security challenges. SSH’s PrivX OT Edition addresses these issues by providing secure, centralized remote access management for critical systems, enhancing safety, compliance, and operational efficiency while mitigating cyber risks across the maritime industry. … Read more
October 16, 2024 at 09:04AM DeRisk is an AI and ML-based analytics platform designed to address cyber risks in operational technology for critical industries. The firm DeNexus, which specializes in operational technology risk management, has raised $17.5 million to enhance its offerings. **Meeting Takeaways:** 1. **Company Overview**: DeRisk is an AI and ML-driven data analytics … Read more
October 2, 2024 at 07:10PM The National Security Agency and international cybersecurity agencies released “Principles of Operational Technology Cyber Security,” outlining six principles to safeguard critical infrastructure. These principles stress the paramount importance of safety, knowledge of the business, protecting OT data, segmenting OT networks, securing the supply chain, and ensuring a skilled cybersecurity workforce. … Read more
October 2, 2024 at 09:54AM New guidance has been released by the US and its allies, offering advice on establishing and preserving a secure operational technology (OT) environment. This information was shared on SecurityWeek. It looks like the meeting notes are about the release of new guidance for securing operational technology environments by the US … Read more
September 10, 2024 at 10:27AM Cyber-physical systems security firm Claroty warns that excessive use of remote access tools in operational technology (OT) environments can heighten cybersecurity risks. Their analysis reveals that 55% of organizations use four or more remote access tools, with some relying on 15-16, many lacking essential security features. This poses serious security … Read more
August 12, 2024 at 03:45AM Vulnerabilities in Ewon Cosy+ industrial remote access solution could allow attackers to gain root privileges, decrypt encrypted data, and hijack VPN sessions, posing significant security risks. The findings were presented at DEF CON 32. Attackers could exploit OpenVPN vulnerabilities to gain administrative and ultimately root access, compromise VPN sessions, and … Read more