critical infrastructure - Security Ticks

The clock is ticking for businesses to prepare for mandated certificate automation

automation, certificates, Compliance, critical infrastructure, cybersecurity, GlobalSign, News, report, SSL/TLS, survey / SecurityTicks

The clock is ticking for businesses to prepare for mandated certificate automation 28/09/2023 at 06:36 By Help Net Security Many organizations are unprepared for sweeping industry changes that call for mandated certificate automation, according to GMO GlobalSign. There could be significant changes within the Public Key Infrastructure (PKI) marketplace, the most pressing matter being Google’s […]

React to this headline:

The clock is ticking for businesses to prepare for mandated certificate automation Read More »

Regulatory pressure complicates cybersecurity for industrial equipment manufacturers

Compliance, critical infrastructure, Cybellum, cybersecurity, News, regulation, report, supply chain, survey, threats / SecurityTicks

Regulatory pressure complicates cybersecurity for industrial equipment manufacturers 21/09/2023 at 07:02 By Help Net Security 50% of companies lack a dedicated security function for control systems and devices within their organizational structure, according to Cybellum. Security incidents involving industrial organizations have seen a sharp rise in recent years, with notable cases highlighting the vulnerabilities in

React to this headline:

Regulatory pressure complicates cybersecurity for industrial equipment manufacturers Read More »

Hidden dangers loom for subsea cables, the invisible infrastructure of the internet

attacks, critical infrastructure, cyber espionage, cyber resilience, cybersecurity, ENISA, EU, law, News, regulation, report / SecurityTicks

Hidden dangers loom for subsea cables, the invisible infrastructure of the internet 21/09/2023 at 06:32 By Help Net Security More than 97% of the world’s internet traffic passes through subsea cables at some point, according to ENISA. Subsea cables are a vital component of the global internet infrastructure, and it is critical to protect them

React to this headline:

Hidden dangers loom for subsea cables, the invisible infrastructure of the internet Read More »

Rising OT/ICS cybersecurity incidents reveal alarming trend

critical infrastructure, cybercrime, cybersecurity, firewall, network, News, phishing, regulation, report, Rockwell Automation, standards, strategy, supply chain attacks, survey / SecurityTicks

Rising OT/ICS cybersecurity incidents reveal alarming trend 14/09/2023 at 06:01 By Help Net Security 60% of cyberattacks against the industrial sector are led by state-affiliated actors and often unintentionally enabled by internal personnel (about 33% of the time), according to Rockwell Automation. This corroborates other industry research showing OT/ICS (Industrial Control Systems) cybersecurity incidents are

React to this headline:

Rising OT/ICS cybersecurity incidents reveal alarming trend Read More »

MITRE Caldera for OT now available as extension to open-source platform

CISA, critical infrastructure, DHS, GitHub, HSSEDI, MITRE, News, open source, USA / SecurityTicks

MITRE Caldera for OT now available as extension to open-source platform 06/09/2023 at 09:32 By Help Net Security MITRE Caldera for OT is now publicly available as an extension to the open-source Caldera platform, allowing security teams to run automated adversary emulation exercises that are specifically focused on threats to operational technology (OT). The first

React to this headline:

MITRE Caldera for OT now available as extension to open-source platform Read More »

LockBit leaks sensitive data from maximum security fence manufacturer

critical infrastructure, data breach, Data leak, Don't miss, Hot stuff, legacy technology, News, UK, Windows / SecurityTicks

LockBit leaks sensitive data from maximum security fence manufacturer 05/09/2023 at 17:32 By Helga Labus The LockBit ransomware group has breached Zaun, a UK-based manufacturer of fencing systems for military sites and critical utilities, by compromising a legacy computer running Windows 7 and using it as an initial point of access to the wider company

React to this headline:

LockBit leaks sensitive data from maximum security fence manufacturer Read More »

Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure

Cisco, critical infrastructure, Don't miss, Europe, healthcare, Hot stuff, Malware, ManageEngine, News, North Korea, trojan, USA, vulnerability / SecurityTicks

Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure 25/08/2023 at 15:36 By Helga Labus North Korean state-sponsored hackers Lazarus Group have been exploiting a ManageEngine ServiceDesk vulnerability (CVE-2022-47966) to target internet backbone infrastructure and healthcare institutions in Europe and the US. The group leveraged the vulnerability to deploy QuiteRAT, downloaded from an IP address

React to this headline:

Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure Read More »

Israel, US to Invest $4 Million in Critical Infrastructure Security Projects

critical infrastructure, Cybersecurity Funding, Israel, US / SecurityTicks

Israel, US to Invest $4 Million in Critical Infrastructure Security Projects 18/08/2023 at 14:16 By Ionut Arghire Israel and US government agencies have announced plans to invest close to $4 million in projects to improve the security of critical infrastructure systems. The post Israel, US to Invest $4 Million in Critical Infrastructure Security Projects appeared

React to this headline:

Israel, US to Invest $4 Million in Critical Infrastructure Security Projects Read More »

Reinventing OT security for dynamic landscapes

asvin, authentication, CISO, critical infrastructure, cybersecurity, Don't miss, Features, Hot stuff, how-to, News, opinion, regulation, Risk Management, strategy, tips, zero trust / SecurityTicks

Reinventing OT security for dynamic landscapes 18/08/2023 at 07:05 By Mirko Zorz From understanding the challenges of disparate OT protocols and the increasing convergence with IT to grappling with the monumental role of human error, our latest interview with Rohit Bohara, CTO at asvin, delves deep into the landscape of OT security. As cloud solutions

React to this headline:

Reinventing OT security for dynamic landscapes Read More »

Cybertech Africa 2023 marks the first gathering for innovation and networking in the region

5G, Artificial Intelligence, CISO, conferences, critical infrastructure, cybersecurity, Cybertech Global, IoT, News, Ransomware / SecurityTicks

Cybertech Africa 2023 marks the first gathering for innovation and networking in the region 16/08/2023 at 06:02 By Help Net Security Last week, on August 1-2, 2023, Cybertech arrived at the Kigali Convention Center in Kigali, Rwanda, in partnership with the Rwanda Ministry of ICT, Rwanda’s National Cyber Security Authority, the Rwanda Convention Bureau, and

React to this headline:

Cybertech Africa 2023 marks the first gathering for innovation and networking in the region Read More »

Major vulnerabilities discovered in data center solutions

critical infrastructure, data center, Don't miss, Hot stuff, News, security update, Trellix, vulnerability / SecurityTicks

Major vulnerabilities discovered in data center solutions 14/08/2023 at 13:17 By Helga Labus Researchers have discovered serious security vulnerabilities in two widely used data center solutions: CyberPower’s PowerPanel Enterprise Data Center Infrastructure Management (DCIM) platform and Dataprobe’s iBoot Power Distribution Unit (PDU). “An attacker could chain these vulnerabilities together to gain full access to these

React to this headline:

Major vulnerabilities discovered in data center solutions Read More »

White House launches AI Cyber Challenge to make software more secure

Anthropic, Artificial Intelligence, Black Hat USA 2023, critical infrastructure, cybersecurity, darpa, DEF CON, Google, Government, Microsoft, News, OpenAI, OpenSSF, software, USA, vulnerability / SecurityTicks

White House launches AI Cyber Challenge to make software more secure 10/08/2023 at 12:33 By Help Net Security The Biden-Harris Administration has launched a major two-year competition using AI to protect the United States’ most important software, such as code that helps run the internet and critical infrastructure. The AI Cyber Challenge (AIxCC) will challenge

React to this headline:

White House launches AI Cyber Challenge to make software more secure Read More »

For TSA’s updated Pipeline Security Directive, consistency and collaboration are key

critical infrastructure, cybersecurity, Don't miss, Dragos, Expert analysis, Expert corner, Government, Hot stuff, opinion, regulation, transportation, USA / SecurityTicks

For TSA’s updated Pipeline Security Directive, consistency and collaboration are key 08/08/2023 at 08:03 By Help Net Security Late last month, the Transportation Security Administration renewed and updated its security directive aimed at enhancing the cybersecurity of oil and natural gas pipelines. The reissued guidance, known as Security Directive (SD) Pipeline-2021-02D Pipeline Cybersecurity Mitigation, Actions,

React to this headline:

For TSA’s updated Pipeline Security Directive, consistency and collaboration are key Read More »

Overcoming the cybersecurity talent shortage with upskilling initiatives

certification, critical infrastructure, cybersecurity, cybersecurity talent, Don't miss, education, Features, Government, Hot stuff, MACH37, machine learning, News, opinion, training / SecurityTicks

Overcoming the cybersecurity talent shortage with upskilling initiatives 26/07/2023 at 07:31 By Mirko Zorz In this Help Net Security interview, Dr. Lindsey Polley de Lopez, Director of Cyber & Space Intelligence at MACH37, proposes strategies for companies, educational institutions, and governments on how to address the ongoing shortage of cybersecurity talent through the introduction of

React to this headline:

Overcoming the cybersecurity talent shortage with upskilling initiatives Read More »

Bridging the cybersecurity skills gap through cyber range training

attacks, Cloud Range, critical infrastructure, cyber resilience, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, SOC, threats, training / SecurityTicks

Bridging the cybersecurity skills gap through cyber range training 24/07/2023 at 07:31 By Mirko Zorz In this Help Net Security interview, Debbie Gordon, CEO of Cloud Range explains the concept of a cyber range, its crucial role in preparing for real-world cyber threats, and the importance of realism in cyber training scenarios. Gordon also discusses

React to this headline:

Bridging the cybersecurity skills gap through cyber range training Read More »

Citrix ADC zero-day exploitatation: CISA releases details about attack on CI organization (CVE-2023-3519)

0-day, CISA, Citrix, critical infrastructure, Don't miss, GreyNoise, Hot stuff, Incident Response, News / SecurityTicks

Citrix ADC zero-day exploitatation: CISA releases details about attack on CI organization (CVE-2023-3519) 21/07/2023 at 14:19 By Zeljka Zorz The exploitation of the Citrix NetScaler ADC zero-day vulnerability (CVE-2023-3519) was first spotted by a critical infrastructure organization, who reported it to the Cybersecurity and Infrastructure Security Agency (CISA). “In June 2023, threat actors exploited this

React to this headline:

Citrix ADC zero-day exploitatation: CISA releases details about attack on CI organization (CVE-2023-3519) Read More »

Unnamed APT eyes vulnerabilities in Rockwell Automation industrial contollers (CVE-2023-3595 CVE-2023-3596)

critical infrastructure, Don't miss, Dragos, energy sector, firmware, Hot stuff, ICS/SCADA, manufacturing sector, News, PLC, Rockwell Automation, security update, vulnerability / SecurityTicks

Unnamed APT eyes vulnerabilities in Rockwell Automation industrial contollers (CVE-2023-3595 CVE-2023-3596) 13/07/2023 at 15:46 By Zeljka Zorz Rockwell Automation has fixed two vulnerabilities (CVE-2023-3595, CVE-2023-3596) in the communication modules of its ControlLogix industrial programmable logic controllers (PLCs), ahead of expected (and likely) in-the-wild exploitation. “An unreleased exploit capability leveraging these vulnerabilities is associated with an

React to this headline:

Unnamed APT eyes vulnerabilities in Rockwell Automation industrial contollers (CVE-2023-3595 CVE-2023-3596) Read More »

How cybercriminals target energy companies

CISO, critical infrastructure, cybersecurity, Don't miss, energy sector, Hot stuff, ICS/SCADA, Searchlight Cyber, strategy, tips, Video / SecurityTicks

How cybercriminals target energy companies 15/06/2023 at 07:34 By Help Net Security In this Help Net Security video, Jim Simpson, Director of Threat Intelligence at Searchlight Cyber, discusses how cybercriminals employ specialized strategies when targeting energy companies. This is primarily due to the sensitive and valuable information these organizations hold and their critical role in

React to this headline:

How cybercriminals target energy companies Read More »

Evolving Threat Landscape of Hacktivism in Colombia

#OpColombia, Berghof, Berghof Web Panel, critical infrastructure, cybercrime, darkweb, data breach, Data leak, DDoS Attack, Fueling Systems, GhostSec, GNSS, Government, Hacktivism, HMI, Human Machine Interface, Industrial Control Systems, Israel, Malware, National Critical Infrastructure, OpIsrael, OSINT, Power Supply Controllers, Radio Broadcast, Satellite Receivers, SiegedSec, Threat Intelligence, Zero-Day / SecurityTicks

Evolving Threat Landscape of Hacktivism in Colombia 31/05/2023 at 11:22 By cybleinc CRIL investigates the evolving threat landscape of hacktivism leading to cyberattacks on Colombian Critical Infrastructure and Zero-day Sales by Hacktivists. The post Evolving Threat Landscape of Hacktivism in Colombia appeared first on Cyble. This article is an excerpt from Cyble View Original Source

React to this headline:

Evolving Threat Landscape of Hacktivism in Colombia Read More »

Organizations are placing OT cybersecurity responsibility on CISOs

CISO, critical infrastructure, cybersecurity, Fortinet, News, report / SecurityTicks

Organizations are placing OT cybersecurity responsibility on CISOs 31/05/2023 at 06:35 By Help Net Security Protecting operational technology (OT) systems is now more critical than ever as more organizations connect their OT environments to the internet, according to Fortinet. Although IT/OT convergence has many benefits, it is being hampered and handicapped by advanced and destructive

React to this headline:

Organizations are placing OT cybersecurity responsibility on CISOs Read More »