NERC Develops Practice Guide to Help Organizations Evaluate Network Monitoring Technologies
    June 17, 2021

    NERC Develops Practice Guide to Help Organizations Evaluate Network Monitoring Technologies

    Earlier this month, on June 4th, the North American Electric Reliability Corporation (NERC) released a new practice guide that pinpoints how organizations should integrate network monitoring...

    Five Key Takeaways from the U.S. Executive Order to Bolster Nation’s Cybersecurity
    June 2, 2021

    Five Key Takeaways from the U.S. Executive Order to Bolster Nation’s Cybersecurity

    It’s no secret that Nation-State attackers are targeting US government agencies and organizations. As seen in the Solarwinds breach and the more recent Colonial Pipeline ransomware attack,...

    Bridging the Gap Between IT and OT and How the Rapid7 & SCADAfence Partnership Leads the Way
    May 26, 2021

    Bridging the Gap Between IT and OT and How the Rapid7 & SCADAfence Partnership Leads the Way

    It's been over a decade since the headline-grabbing Stuxnet virus was introduced and the concept of nation-state-sanctioned cyber attacks was presented by security professionals. The concern about...

    “Air-Gapping” IT and OT?
    May 19, 2021

    “Air-Gapping” IT and OT?

    Following the Colonial Pipeline Ransomware incident, Twitter exploded in to an orgy of blather from people demanding that we “air-gap” ICS. Those righteous keyboard warriors know what is best, I’m...

    SCADAfence Researchers Discover a Vulnerability in the CODESYS Development System
    May 12, 2021

    SCADAfence Researchers Discover a Vulnerability in the CODESYS Development System

    There are new vulnerabilities discovered every day, and new patches issued to fix them. As part of our mission to secure the world’s OT, IoT and Cyber Physical infrastructures, we invest resources...

    Colonial Pipeline Attack Spells Fuel Pipeline Shutdown and Highlights the Need for Increased OT Security
    May 10, 2021

    Colonial Pipeline Attack Spells Fuel Pipeline Shutdown and Highlights the Need for Increased OT Security

    On May 8th, news broke that Colonial Pipeline, one of the largest fuel pipelines in the US, was forced to stop all operations due to falling victim to a ransomware attack. The attack on Colonial...

    Pharmaceuticals Like Johnson & Johnson Are Experiencing Daily Cyber Attacks From Nation State Attackers
    April 29, 2021

    Pharmaceuticals Like Johnson & Johnson Are Experiencing Daily Cyber Attacks From Nation State Attackers

    As each day passes, so does the increasing amount of security risks with the cybersecurity attack vector. Every organization can easily fall victim to another cyber threat, but recently, the...

    Takeaways From The Oldsmar Water Attack & What Security Leaders Can Do About It
    February 19, 2021

    Takeaways From The Oldsmar Water Attack & What Security Leaders Can Do About It

    Over the last few days, cybersecurity journalists and the ICS security community have been discussing the Oldsmar Florida water system cyber attack, almost ad nauseam. While many people have been...

    Preventing Ransomware Attacks On Industrial Networks
    January 29, 2021

    Preventing Ransomware Attacks On Industrial Networks

    This Week, Ransomware Slams Westrock & Other Industrial Organizations Earlier this week, the operations at $17 billion packaging firm WestRock were disrupted by a ransomware attack that impacted...

    Discovery of DoS Vulnerability in ABB's AC500 V2
    January 19, 2021

    Discovery of DoS Vulnerability in ABB's AC500 V2

    Our Researchers Discover Another Vulnerability  As part of our mission to secure the world’s OT, IoT and Cyber Physical infrastructures, we invest resources into offensive research of...

    Thank You 2020 - It's Been Quite A Ride!
    January 1, 2021

    Thank You 2020 - It's Been Quite A Ride!

    What a year. What a year this has been to humanity, an epidemic has fundamentally changed the way we interact with one another, social distancing, lockdowns and restrictions in virtually...

    SolarWinds: Should Enterprises Adopt Supply Chain Certification
    December 22, 2020

    SolarWinds: Should Enterprises Adopt Supply Chain Certification

    SunBurst - The Cyber Attack on SolarWinds SunBurst is a cyber espionage campaign that leveraged a supply chain attack on SolarWinds, a leading supplier of network management software. Between...

    How SCADAfence Defended a DoD Supplier from Over 50 Cyber-Attackers
    December 7, 2020

    How SCADAfence Defended a DoD Supplier from Over 50 Cyber-Attackers

    The '85 Bears of Cyber Physical Security A few days ago, our elite cybersecurity team of defenders, faced over 50 of the world’s top hackers and security practitioners in the Hack the Building...

    [Cocktail Book] Raise Your Drinks & Your OT / IoT Security Posture
    November 12, 2020

    [Cocktail Book] Raise Your Drinks & Your OT / IoT Security Posture

    In today's stressful times, we can all use a refreshing beverage. Seriously, with the uncertainty around the the rising ransomware incidents in OT networks, we can all use some brightness in...

    SCADAfence Researchers Discovered CVE-2020-16849 a Vulnerability in Canon Printers
    October 29, 2020

    SCADAfence Researchers Discovered CVE-2020-16849 a Vulnerability in Canon Printers

    SCADAfence Researchers Discover A Sensitive Information Leak Vulnerability in Canon Printers

    DoS Vulnerability in Mitsubishi Electric MELSEC iQ-R Series
    October 12, 2020

    DoS Vulnerability in Mitsubishi Electric MELSEC iQ-R Series

    Our Researchers Discover Another Vulnerability  As part of our mission to secure the world’s OT, IoT and Cyber Physical infrastructures, we invest resources into offensive research of...

    The OT & IoT Cybersecurity Feed - October 2020
    October 1, 2020

    The OT & IoT Cybersecurity Feed - October 2020

    Hey, I’m SCADAGirl. I'm a cybersecurity superhero that ensures that OT & IoT networks are safe. Here is my commentary on the latest headlines in OT & IoT security.

    Managing Your Unmanageable OT and IT Infrastructure
    October 1, 2020

    Managing Your Unmanageable OT and IT Infrastructure

    As industrial systems become increasingly connected to IT, Cloud and ERP systems, they become increasingly exposed to cyber threats such as ransomware. In fact, cyber threats for industrial...

    Governance - 3rd Party Application & Free Onboarding Until 2021!
    September 17, 2020

    Governance - 3rd Party Application & Free Onboarding Until 2021!

    It’s true, the SCADAfence Governance Portal can now connect to any third-party application through Syslog or rest-API and we’re providing the entire on-boarding for free until the end of this...

    Siemens S7 PROFINET - A Shocking Network Architecture Flaw
    August 24, 2020

    Siemens S7 PROFINET - A Shocking Network Architecture Flaw

    A Shocking Flaw Here’s an all too often overlooked item in the security architecture of industrial networks. Below is a diagram of an industrial network architecture we’ve seen in a number of...

    The OT & IoT Cybersecurity Feed
    August 17, 2020

    The OT & IoT Cybersecurity Feed

    Hey, I’m SCADAGirl. I'm a cybersecurity superhero that ensures that OT & IoT networks are safe. Here is my commentary on the latest headlines in OT & IoT security.

    Stuxnet and Vulnerabilities In Schneider Triconex SIS Controllers
    July 29, 2020

    Stuxnet and Vulnerabilities In Schneider Triconex SIS Controllers

    Overview As the NSA urges companies to secure their industrial networks, two vulnerabilities were found in Schneider Electric Triconex SIS devices. Both of the vulnerabilities reside within the ...

    SigRed: A Wormable Microsoft DNS Server RCE Vulnerability
    July 15, 2020

    SigRed: A Wormable Microsoft DNS Server RCE Vulnerability

    SigRed Overview SigRed is a vulnerability that was exposed yesterday (July 14th 2020) by the security firm Check Point. Successful exploitation of the vulnerability could lead to a malicious actor...

    Ripple20: Mixed Results in SCADAfence's Exploitability Lab Tests
    July 3, 2020

    Ripple20: Mixed Results in SCADAfence's Exploitability Lab Tests

    As part of our mission to secure the world’s OT, IoT and Cyber Physical infrastructures, we invest resources into offensive research of vulnerabilities and attack techniques. Ripple20 are 19...

    SCADAfence Researchers Discover a Vulnerability in Mitsubishi Electric MELSEC iQ-R Series CPU DoS
    June 10, 2020

    SCADAfence Researchers Discover a Vulnerability in Mitsubishi Electric MELSEC iQ-R Series CPU DoS

    As part of our mission to secure the world’s OT, IoT and Cyber Physical infrastructures, we invest resources into offensive research of vulnerabilities and attack techniques. CVE-2020-13238 is a...

    Iranian Hackers Target Israel’s Water Supply - Prevent Attacks
    May 7, 2020

    Iranian Hackers Target Israel’s Water Supply - Prevent Attacks

    Iran Launches Cyber Attacks on Israeli Water Facilities According to a Fox News report, Iranian cyber attackers used American servers to launch their attacks on the Israeli water infrastructure...

    SCADAfence Researchers Discovered CVE-2020-12117 a Vulnerability in Moxa Devices.
    May 6, 2020

    SCADAfence Researchers Discovered CVE-2020-12117 a Vulnerability in Moxa Devices.

    A New Vulnerability is Detected As part of our mission to secure the world’s OT, IoT and Cyber Physical infrastructures, we invest resources into offensive research of vulnerabilities and attack...

    “Dark_Nexus” - Adversaries Compete To Control IoT Devices
    April 14, 2020

    “Dark_Nexus” - Adversaries Compete To Control IoT Devices

    The IoT Attack Landscape In a recent blog post, I wrote about the fertile ground of insecure IoT devices, and their use by adversaries such as cybercriminals and defense organizations such as...

    Business Continuity for Manufacturing During a Disaster
    March 30, 2020

    Business Continuity for Manufacturing During a Disaster

    Business continuity planning (BCP) is the process involved in the creation of a system that prevents potential threats to a company, and also aids in its recovery.

    Russia’s FSB Develops Hacking Tools For IoT Devices
    March 24, 2020

    Russia’s FSB Develops Hacking Tools For IoT Devices

    The Russian Government Hacking IoT Devices… Again A recent Forbes article reports that the Russian Federal Security Service (FSB), is using an external contractor to develop exploits and attack...

    COVID-19 Outbreak - We’re Here To Help!
    March 12, 2020

    COVID-19 Outbreak - We’re Here To Help!

    The Implications Of Coronavirus The implications of the Coronavirus strain (COVID-19), which emerged in Wuhan, China, have a significant and detrimental effect on the global economy and our...

    The Next WannaCry Is Here & There’s No Patch Available Yet
    March 11, 2020

    The Next WannaCry Is Here & There’s No Patch Available Yet

    What Does It Mean For Critical Infrastructure, Manufacturing & Building Management Systems? Co-written by Ofer Shaked and Maayan Fishelov

    SNAKE / EKANS Ransomware: Deploying OT-Oriented Malware
    February 20, 2020

    SNAKE / EKANS Ransomware: Deploying OT-Oriented Malware

    Until now, the use of malware specifically designed to attack industrial control systems has been confined to fairly rare high-level nation-state attacks such as those which targeted nuclear...

    ODVETA Ransomware as Seen by OT Security Experts
    February 11, 2020

    ODVETA Ransomware as Seen by OT Security Experts

    Co-written by Ofer Shaked and Maayan Fishelov Background Odveta is a ransomware that has been observed in multiple industrial networks. It doesn’t have an automated propagation mechanism, and it...

    SCADAfence Experiences Substantial Company Growth in 2019
    February 6, 2020

    SCADAfence Experiences Substantial Company Growth in 2019

    2019 OT Security Summary & 2020 Predictions As the ritual dictates with every end of a year, we try to look back on the past year’s achievements as well as try to foresee what the future holds, or...

    Proactive Protection for OT Systems has Arrived
    January 9, 2020

    Proactive Protection for OT Systems has Arrived

    SCADAfence and CyberArk have together developed a proven method for protecting utilities and manufacturing facilities from external attackers by blocking malicious access to critical OT production...

    The Challenge Of Securing Building Management Systems (BMS)
    January 6, 2020

    The Challenge Of Securing Building Management Systems (BMS)

    An Intro to Building Management Systems (BMS) Before we dive into it, a Building Management System (BMS), a.k.a. “Smart Building Technology,” is an intelligent microprocessor-based controller...

    New Orleans & UK Government Slammed by Cyberattacks
    December 19, 2019

    New Orleans & UK Government Slammed by Cyberattacks

    New Orleans & UK Government Slammed by Cyberattacks

    OT Security Platform Preventing Cyber Attacks
    December 1, 2019

    OT Security Platform Preventing Cyber Attacks

    Prevent Incidents rather than Handling Them

    5 OT Security Best Practices for Industrial Digital Transformation
    November 23, 2019

    5 OT Security Best Practices for Industrial Digital Transformation

    Smart Operational Networks Come at a Security Price