Critical Infrastructure
Critical Infrastructure | News, how-tos, features, reviews, and videos
US CISA/NSA release new OT/ICS security guidance, reveal 5 steps threat actors take to compromise assets
Advisory from the Cybersecurity and Infrastructure Security Agency and the National Security Agency outlines steps to protect operational technology and industrial control systems.
International cooperation is key to fighting threat actors and cybercrime
Western intelligence and national security leaders emphasize the importance of collaborating to better prepare and respond to cybersecurity threats.
US OMB releases guidance on federal agency software security requirements
The guidance aims to improve the security of software federal agencies use, but expects self-attestation for compliance.
U.S. government offensive cybersecurity actions tied to defensive demands
Current and former U.S. government officials explain the country's "defense forward" and offensive cybersecurity policies and their risks.
Ragnar Locker continues trend of ransomware targeting energy sector
Ransomware gangs seem to be exploiting concerns over disruptions in the energy and other critical infrastructure sectors.
Social media's role in spreading U.S. election disinformation in the spotlight
Before Twitter's former CISO sounded the alarm bell, the U.S. government defined steps to counter misinformation and disinformation at the state, local and federal levels.
How Carrier’s product security team delivers the ‘right support for the right product’
Carrier CPSO John Deskurakis developed a framework for product security that works for the lifecycle of all products across all business lines
"Evil PLC Attack" weaponizes PLCs to infect engineering workstations
Researchers demonstrate a proof of concept where hijacked programmable logic controllers can compromise engineering workstations to allow lateral movement.
Exposed VNC instances threatens critical infrastructure as attacks spike
Threats surrounding Virtual Network Computing laid bare as attacks targeting critical infrastructure increase.
How a Venezuelan disinformation campaign swayed voters in Colombia
A Black Hat presentation explains how Russia-aligned Venezuela influenced the presidential election in Colombia to its political benefit.
OPSWAT launches new malware analysis capabilities for ICS, OT networks
Critical infrastructure cybersecurity vendor enhances its MetaDefender Malware Analyzer platform to map malware to the MITRE ATT&CK Industrial Control Systems framework.
Average cost of data breaches hits record high of $4.35 million: IBM
Healthcare organizations saw average cost per breach at $10.1 million, more than double the global average.
What is an ISAC or ISAO? How these cyber threat information sharing organizations improve security
Information Sharing and Analysis Organizations were created to make cyber threat data and best practices more accessible than with Information Sharing and Analysis Centers, but results are mixed.
Smart factories unprepared for cyberattacks
Smart factory operators are well aware of the cyberthreats they face but acknowledge lack of readiness to defend against them.
An updated pipeline security directive is underway, reflecting TSA struggles
The TSA directives issued after the Colonial Pipeline attack have been widely criticized, but the agency is working with the industry to improve them.
Microsoft's Defending Ukraine report offers fresh details on digital conflict and disinformation
Russia will use what it learned from its destructive cyber actions in Ukraine for other operations. "There is no going back to normal."
Dozens of insecure-by-design flaws found in OT products
The OT:ICEFALL report shows that makers of operational technology manufacturers have to improve the security of their devices.
