ICS / OT Security News Update | SCADAfence - June 20
    June 20, 2022

    ICS / OT Security News Update | SCADAfence - June 20

    Our research team compiled the latest updates on newly announced CVEs, recent ransomware attacks and IoT security news. They also offer analysis of the potential impacts and their expert...

    Why Wind Farms’ OT Networks Could Be Ransomware’s Next Big Target
    May 26, 2022

    Why Wind Farms’ OT Networks Could Be Ransomware’s Next Big Target

    A Change In The Air The past several decades have seen a seismic shift in how the world thinks about energy. Concerns about climate change and global geopolitics have caused many nations to declare a...

    Interview With SCADAfence's New Field CTO, Paul Smith
    May 16, 2022

    Interview With SCADAfence's New Field CTO, Paul Smith

    OT and ICS Industry veteran Paul Smith, author of “Pentesting Industrial Control Systems” has recently joined the SCADAfence team in the role of Field CTO. We interviewed Paul to get his thoughts on...

    Weekly ICS / OT Security News Digest | SCADAfence - May 10
    May 11, 2022

    Weekly ICS / OT Security News Digest | SCADAfence - May 10

    Our research team has put together all of the most relevant news topics in the Ransomware and IoT security fields, as well as their impacts and their expert recommendations:

    CISA's Top 15 Routinely Exploited Vulnerabilities: SCADAfence Customers Stay Protected
    May 9, 2022

    CISA's Top 15 Routinely Exploited Vulnerabilities: SCADAfence Customers Stay Protected

    On April 27, the Cybersecurity and Infrastructure Security Agency (CISA), published a joint advisory in collaboration with CSA/NSA/FBI/ACSC and other cybersecurity authorities, providing details on...

    INCONTROLLER / Pipedream: State-Sponsored Attack Tools Targeting Multiple ICS Systems
    April 14, 2022

    INCONTROLLER / Pipedream: State-Sponsored Attack Tools Targeting Multiple ICS Systems

    Dangerous New Malware Can Shut Down, Sabotage Industrial Sites  

    Failed Industroyer2 attack leads to calls for heightened vigilance on ICS networks
    April 14, 2022

    Failed Industroyer2 attack leads to calls for heightened vigilance on ICS networks

    Russian-backed Group Attempts to Compromise Ukrainian Power Grid Using Industroyer2 Malware As part of their ongoing military assault against neighboring Ukraine, Russian-backed hacker group Sandworm...

    Vulnerability Report: Rockwell PLC Unauthorized Code Injection [CVE-2022-1161, CVE-2022-1159]
    April 6, 2022

    Vulnerability Report: Rockwell PLC Unauthorized Code Injection [CVE-2022-1161, CVE-2022-1159]

    Two vulnerabilities in Rockwell programmable logic controllers and engineering workstation software have been disclosed. These vulnerabilities give attackers a way to modify automation processes and...

    Your Weekly ICS / OT Security News Digest - March 31st
    March 31, 2022

    Your Weekly ICS / OT Security News Digest - March 31st

    Our research team has put together all of the most relevant news topics in the ICS, IT, Ransomware & OT security fields, as well as their impacts and their expert recommendations:

    The Weekly ICS and OT Security News Digest - March 10th 2022 | SCADAfence
    March 10, 2022

    The Weekly ICS and OT Security News Digest - March 10th 2022 | SCADAfence

     

    The Russia-Ukraine Conflict from an Industrial Cybersecurity Perspective
    March 8, 2022

    The Russia-Ukraine Conflict from an Industrial Cybersecurity Perspective

    In recent weeks, Ukraine has been hit with numerous cyberattacks targeting its government and banking sector as a part of the Russo-Ukrainian crisis. Several Ukrainian government departments and...

    OT Security in 2021 - The Roundup | SCADAfence
    December 30, 2021

    OT Security in 2021 - The Roundup | SCADAfence

    As 2021 draws to a close, it is time for our customary round-up of the year’s industry-changing cyber attacks, product and company updates, and SCADAfence’s achievements. 

    OT Security for Log4J with the SCADAfence Platform
    December 22, 2021

    OT Security for Log4J with the SCADAfence Platform

    Until two weeks ago, Log4j was just a popular Java logging framework, one of the numerous components that run in the background of many modern web applications. But since a zero-day vulnerability...

    A SCADAfence Update Regarding The Log4Shell Vulnerability
    December 15, 2021

    A SCADAfence Update Regarding The Log4Shell Vulnerability

    December 10, 2021, will always be remembered by the security community as the day when a highly critical zero‑day vulnerability was found in the very popular logging library for Java applications, ...

    Simplifying Cyber Security for the Mining Industry
    December 13, 2021

    Simplifying Cyber Security for the Mining Industry

    The COVID-19 pandemic has been detrimental to the world economy while flattening many industries. The mining industry was fortunate to be one of the very few industries to deliver exceptional growth...

    This Thanksgiving, Be Thankful for OT Security | SCADAfence
    November 24, 2021

    This Thanksgiving, Be Thankful for OT Security | SCADAfence

    Thanksgiving – when families get together and express gratitude for everything they have over some food and hopefully some football. For most families and especially security teams, this is a time...

    To Patch or Not to Patch in OT | SCADAfence
    November 9, 2021

    To Patch or Not to Patch in OT | SCADAfence

    When organizations are seeking out the right OT network security for their OT environments and OT devices, the clear objective is to decrease and eliminate risks. Too often organizations only adopt...

    Implementing Zero Trust Security in OT Environments
    October 26, 2021

    Implementing Zero Trust Security in OT Environments

    In 2021, the increasing number of cyber security attacks on major critical infrastructure operators grabbed the headlines. The successful attacks targeted different industrial sectors such as oil...

    Integrate IBM QRadar SIEM with SCADAfence For Complete OT Visibility
    October 6, 2021

    Integrate IBM QRadar SIEM with SCADAfence For Complete OT Visibility

    CISOs and security teams face an uphill battle when it comes to detecting and mitigating ever more frequent and sophisticated cyber threats, especially in OT environments.

    Innovative OT Security Solutions. SCADAfence's largest product rollout.
    September 14, 2021

    Innovative OT Security Solutions. SCADAfence's largest product rollout.

    Over time, we have learned that we develop products not for our own innovation, but for you the customers, to help improve your OT security. In 2021, we were excited to launch three newly designed...

    White House Pushes for Stronger Critical Infrastructure Security
    August 2, 2021

    White House Pushes for Stronger Critical Infrastructure Security

    In the wake of the different ransomware attacks on Colonial Pipeline, JBS Foods, Oldsmar Florida water system and other critical infrastructure, President Joe Biden signed a national security...

    OT Networks Are the Low-Hanging Fruit for Supply Chain Attacks
    July 28, 2021

    OT Networks Are the Low-Hanging Fruit for Supply Chain Attacks

    When looking back at 2020 and 2021 the first thing that comes to mind is the different supply chain attacks on the industrial sectors. The successful attacks by threat actors exploited the industrial...

    The Results are in: SCADAfence is the Most Advanced OT Security Vendor Covering MITRE ATT&CK for ICS
    July 22, 2021

    The Results are in: SCADAfence is the Most Advanced OT Security Vendor Covering MITRE ATT&CK for ICS

    There is a lot of buzz recently on the topic of MITRE ATT&CK for ICS and rightfully so.

    Ransomware Attacks on the Automotive Sector Are Picking Up Speed
    July 14, 2021

    Ransomware Attacks on the Automotive Sector Are Picking Up Speed

    50% of Automotive Manufacturers Are Susceptible to a Ransomware Attack The automotive industry has started to ramp up its digitalization in their manufacturing sites but cybersecurity is still an...

    Kaseya Supply Chain Attack Delivers Mass Ransomware Event to MSPs
    July 5, 2021

    Kaseya Supply Chain Attack Delivers Mass Ransomware Event to MSPs

    Just as the security community was recovering from the SolarWinds supply-chain attack, over July 4th holiday weekend Kaseya IT management software, commonly implemented by Managed Service Providers...

    Water Utilities Face Increasing Risk of Cyber Attacks
    July 1, 2021

    Water Utilities Face Increasing Risk of Cyber Attacks

    Cyber Crime on the Rise - Ransomware is Everywhere Over the past few months, there is a feeling that every day a different organization has fallen victim to a ransomware attack. While the idea of a...

    ​Top 20 PLC Secure Coding Practices Released
    June 24, 2021

    ​Top 20 PLC Secure Coding Practices Released

    Over the years, programmable logic controllers (PLC) have been insecure by default. Security good practices have been created and adopted for IT which can be seen in OWASP’s Top Ten Vulnerabilities...

    NERC Develops Practice Guide to Help Organizations Evaluate Network Monitoring Technologies
    June 17, 2021

    NERC Develops Practice Guide to Help Organizations Evaluate Network Monitoring Technologies

    Earlier this month, on June 4th, the North American Electric Reliability Corporation (NERC) released a new practice guide that pinpoints how organizations should integrate network monitoring...

    Five Key Takeaways from the U.S. Executive Order to Bolster Nation’s Cybersecurity
    June 2, 2021

    Five Key Takeaways from the U.S. Executive Order to Bolster Nation’s Cybersecurity

    It’s no secret that Nation-State attackers are targeting US government agencies and organizations. As seen in the Solarwinds breach and the more recent Colonial Pipeline ransomware attack,...

    Bridging the Gap Between IT and OT and How the Rapid7 & SCADAfence Partnership Leads the Way
    May 26, 2021

    Bridging the Gap Between IT and OT and How the Rapid7 & SCADAfence Partnership Leads the Way

    It's been over a decade since the headline-grabbing Stuxnet virus was introduced and the concept of nation-state-sanctioned cyber attacks was presented by security professionals. The concern about...

    “Air-Gapping” IT and OT?
    May 19, 2021

    “Air-Gapping” IT and OT?

    Following the Colonial Pipeline Ransomware incident, Twitter exploded in to an orgy of blather from people demanding that we “air-gap” ICS. Those righteous keyboard warriors know what is best, I’m...

    SCADAfence Researchers Discover a Vulnerability in the CODESYS Development System
    May 12, 2021

    SCADAfence Researchers Discover a Vulnerability in the CODESYS Development System

    There are new vulnerabilities discovered every day, and new patches issued to fix them. As part of our mission to secure the world’s OT, IoT and Cyber Physical infrastructures, we invest resources...

    Colonial Pipeline Attack Spells Fuel Pipeline Shutdown and Highlights the Need for Increased OT Security
    May 10, 2021

    Colonial Pipeline Attack Spells Fuel Pipeline Shutdown and Highlights the Need for Increased OT Security

    On May 8th, news broke that Colonial Pipeline, one of the largest fuel pipelines in the US, was forced to stop all operations due to falling victim to a ransomware attack. The attack on Colonial...

    Pharmaceuticals Like Johnson & Johnson Are Experiencing Daily Cyber Attacks From Nation State Attackers
    April 29, 2021

    Pharmaceuticals Like Johnson & Johnson Are Experiencing Daily Cyber Attacks From Nation State Attackers

    As each day passes, so does the increasing amount of security risks with the cybersecurity attack vector. Every organization can easily fall victim to another cyber threat, but recently, the...

    Takeaways From The Oldsmar Water Attack & What Security Leaders Can Do About It
    February 19, 2021

    Takeaways From The Oldsmar Water Attack & What Security Leaders Can Do About It

    Over the last few days, cybersecurity journalists and the ICS security community have been discussing the Oldsmar Florida water system cyber attack, almost ad nauseam. While many people have been...

    Preventing Ransomware Attacks On Industrial Networks
    January 29, 2021

    Preventing Ransomware Attacks On Industrial Networks

    Ransomware Slams Westrock & Other Industrial Organizations Earlier this week, the operations at $17 billion packaging firm WestRock were disrupted by a ransomware attack that impacted both its IT and...

    Discovery of DoS Vulnerability in ABB's AC500 V2
    January 19, 2021

    Discovery of DoS Vulnerability in ABB's AC500 V2

    Our Researchers Discover Another Vulnerability  As part of our mission to secure the world’s OT, IoT and Cyber Physical infrastructures, we invest resources into offensive research of vulnerabilities...

    Thank You 2020 - It's Been Quite A Ride!
    January 1, 2021

    Thank You 2020 - It's Been Quite A Ride!

    What a year. What a year this has been to humanity, an epidemic has fundamentally changed the way we interact with one another, social distancing, lockdowns and restrictions in virtually everything...

    SolarWinds: Should Enterprises Adopt Supply Chain Certification
    December 22, 2020

    SolarWinds: Should Enterprises Adopt Supply Chain Certification

    SunBurst - The Cyber Attack on SolarWinds SunBurst is a cyber espionage campaign that leveraged a supply chain attack on SolarWinds, a leading supplier of network management software. Between March...

    How SCADAfence Defended a DoD Supplier from Over 50 Cyber-Attackers
    December 7, 2020

    How SCADAfence Defended a DoD Supplier from Over 50 Cyber-Attackers

    The '85 Bears of Cyber Physical Security A few days ago, our elite cybersecurity team of defenders, faced over 50 of the world’s top hackers and security practitioners in the Hack the Building event.