SCADAfence Blog

A SCADAfence New Feature report “Could we be next?”   One of the biggest challenges for an industrial OT/ICS security professional is figuring out if their organization is vulnerable to the latest...

Alerton, a subsidiary of Honeywell, is a major manufacturer of building management systems for heating, ventilation, and air conditioning (HVAC). SCADAfence’s research team discovered vulnerabilities...

LockBit Overview The first known ransomware attacks using what would come to be known as LockBit were reported back in 2019. Organizations that were infected with the malicious software had their...

SCADAfence now offers new advanced services via our cloud. We use the cloud to deliver continuous OT security updates, software upgrades and OT health monitoring.

South Staffordshire PLC, parent company of South Staffs Water, a small independent utility that supplies water to 1.6 million customers, including 35,000 businesses, in central England was hit by a...

A SCADAfence New Feature Report Here is the standard, old school way of automated risk assessment across an OT network:  First, scan each device individually. Then evaluate its specific level of risk...

Our research team compiled the latest updates on newly announced CVEs, recent ransomware attacks including BlackCat & Luna, and IoT security news. They also offer analysis of the potential impacts...

The SCADAfence engineering team has contributed a new module to the widely used Metasploit framework as a “pay it forward” program that will allow pentesters and asset owners to use a new set of...

A SCADAfence New Feature reportA large, robust Industrial Control Systems (ICS) network can contain tens of thousands of devices. Each of those devices may have any number of associated known CVEs...

Almost immediately after a fire broke out in an active power plant in southern Israel on July 14, 2022, an Iranian hacking group claimed responsibility. While it's understandable why the group, which...

Our research team compiled the latest updates on newly announced CVEs, recent ransomware attacks and IoT security news. They also offer analysis of the potential impacts and their expert...

Iran’s steel Industry was hit by a hacktivist group calling themselves ”Goneshke Darande” [Predatory Sparrow] on June 27th, 2022. The attack focused specifically on three steel companies that are...

This blog is a response to a recently published article that implied a link between the June 8th explosion at the Freeport LNG plant and Russian threat actors. The author attempted to connect...

Our research team compiled the latest updates on newly announced CVEs, recent ransomware attacks and IoT security news. They also offer analysis of the potential impacts and their expert...

A Change In The Air The past several decades have seen a seismic shift in how the world thinks about energy. Concerns about climate change and global geopolitics have caused many nations to declare a...

OT and ICS Industry veteran Paul Smith, author of “Pentesting Industrial Control Systems” has recently joined the SCADAfence team in the role of Field CTO. We interviewed Paul to get his thoughts on...

Our research team has put together all of the most relevant news topics in the Ransomware and IoT security fields, as well as their impacts and their expert recommendations:

On April 27, the Cybersecurity and Infrastructure Security Agency (CISA), published a joint advisory in collaboration with CSA/NSA/FBI/ACSC and other cybersecurity authorities, providing details on...

Dangerous New Malware Can Shut Down, Sabotage Industrial Sites  

Russian-backed Group Attempts to Compromise Ukrainian Power Grid Using Industroyer2 Malware As part of their ongoing military assault against neighboring Ukraine, Russian-backed hacker group Sandworm...

Two vulnerabilities in Rockwell programmable logic controllers and engineering workstation software have been disclosed. These vulnerabilities give attackers a way to modify automation processes and...

Our research team has put together all of the most relevant news topics in the ICS, IT, Ransomware & OT security fields, as well as their impacts and their expert recommendations:

In recent weeks, Ukraine has been hit with numerous cyberattacks targeting its government and banking sector as a part of the Russo-Ukrainian crisis. Several Ukrainian government departments and...

As 2021 draws to a close, it is time for our customary round-up of the year’s industry-changing cyber attacks, product and company updates, and SCADAfence’s achievements. 

Until two weeks ago, Log4j was just a popular Java logging framework, one of the numerous components that run in the background of many modern web applications. But since a zero-day vulnerability...

December 10, 2021, will always be remembered by the security community as the day when a highly critical zero‑day vulnerability was found in the very popular logging library for Java applications, ...

The COVID-19 pandemic has been detrimental to the world economy while flattening many industries. The mining industry was fortunate to be one of the very few industries to deliver exceptional growth...

Thanksgiving – when families get together and express gratitude for everything they have over some food and hopefully some football. For most families and especially security teams, this is a time...

When organizations are seeking out the right OT network security for their OT environments and OT devices, the clear objective is to decrease and eliminate risks. Too often organizations only adopt...

In 2021, the increasing number of cyber security attacks on major critical infrastructure operators grabbed the headlines. The successful attacks targeted different industrial sectors such as oil...

CISOs and security teams face an uphill battle when it comes to detecting and mitigating ever more frequent and sophisticated cyber threats, especially in OT environments.

Over time, we have learned that we develop products not for our own innovation, but for you the customers, to help improve your OT security. In 2021, we were excited to launch three newly designed...

In the wake of the different ransomware attacks on Colonial Pipeline, JBS Foods, Oldsmar Florida water system and other critical infrastructure, President Joe Biden signed a national security...

When looking back at 2020 and 2021 the first thing that comes to mind is the different supply chain attacks on the industrial sectors. The successful attacks by threat actors exploited the industrial...

There is a lot of buzz recently on the topic of MITRE ATT&CK for ICS and rightfully so.

50% of Automotive Manufacturers Are Susceptible to a Ransomware Attack The automotive industry has started to ramp up its digitalization in their manufacturing sites but cybersecurity is still an...

Just as the security community was recovering from the SolarWinds supply-chain attack, over July 4th holiday weekend Kaseya IT management software, commonly implemented by Managed Service Providers...

Cyber Crime on the Rise - Ransomware is Everywhere Over the past few months, there is a feeling that every day a different organization has fallen victim to a ransomware attack. While the idea of a...

Over the years, programmable logic controllers (PLC) have been insecure by default. Security good practices have been created and adopted for IT which can be seen in OWASP’s Top Ten Vulnerabilities...