HackDig : Dig high-quality web security articles for hacker

Industrial Entities in Middle East Targeted by WildPressure APT Operation

A newly detected advanced persistent threat (APT) operation called “WildPressure” targeted industrial organizations and other entities in the Middle East.Researchers at Kaspersky Lab observed WildPressue distributing samples of a fully operation trojan written in C++ called “Milum.” With timestamps dating back to March 2019, these sam
Publish At:2020-03-26 10:40 | Read:129 | Comments:0 | Tags:ICS Security Latest Security News Middle East Milum WildPres

ICS Environments and Patch Management: What to Do If You Can’t Patch

The evolution of the cyber threat landscape highlights the emerging need for organizations to strengthen their ability to identify, analyze, and evaluate cyber risks before they evolve into security incidents. Although the terms “patch management” and “vulnerability management” are used as if they are interchangeable, this is not the case. Most are confused
Publish At:2020-03-19 00:24 | Read:159 | Comments:0 | Tags:ICS Security ICS Systems Patch Management

Navigating ICS Security: Having your Action Plan Ready

Trust, respect, understanding. These are all two-way relationships that must be earned over time. Whilst someone being hired in a senior position will likely already have a certain level of each, part of your job is to continuously cultivate all three of these elements with colleagues no matter your grade. When working within a cybersecurity practice, it is
Publish At:2020-02-09 10:22 | Read:115 | Comments:0 | Tags:ICS Security CMA ics OT

Why Asset Visibility Is Essential to the Security of Your Industrial Environment

Threats against industrial environments are on the rise. Near the beginning of 2019, for example, Kaspersky Lab revealed that 47% of industrial control system (ICS) computers on which its software was installed suffered a malware infection in the past year. That was three percent higher than the previous year.These digital threats confronting ICS systems com
Publish At:2020-02-09 10:21 | Read:205 | Comments:0 | Tags:ICS Security asset discovery Industrial Passive Asset Discov

So You Want to Achieve NERC CIP-013-1 Compliance…

Is an electricity provider’s supply chain its weakest link in the event of a cyberattack? The evidence is compelling that third parties often play unwitting roles. For example, the NotPetya ransomware attacks in mid-2017 originally gained a foothold via a backdoor in third-party accounting software. To safeguard North America’s electricity supply, the North
Publish At:2020-02-09 10:21 | Read:344 | Comments:0 | Tags:ICS Security CIP-013-1 compliance _NERC

Survey: 93% of ICS Pros Fear Digital Attacks Will Affect Operations

Digital attackers are increasingly targeting industrial environments these days. Take manufacturing organizations, for instance. Back in late-August, FortiGuard Labs discovered a malspam campaign that had targeted a large U.S. manufacturing company with a variant of the LokiBot infostealer family. It wasn’t long thereafter when Bloomberg reported on the effo
Publish At:2019-10-18 10:10 | Read:500 | Comments:0 | Tags:ICS Security experts ics Industrial Survey

What is NEI 08-09?

Most organizations with industrial control systems (ICS) fall into one of two categories: regulated and non-regulated. For those subject to government imposed regulatory requirements, the selection of a cybersecurity framework is obviously compelling. Such is the case with the nuclear energy industry and NEI 08-09.The nuclear energy industry is one of the sa
Publish At:2019-10-18 10:10 | Read:516 | Comments:0 | Tags:ICS Security Regulatory Compliance ics NEI 08-09 nuclear

NIST SP 1800-23, Energy Sector Asset Management: Securing Industrial Control Systems

Industrial organizations face a growing list of digital threats these days. Back in April 2019, for instance, FireEye revealed that it had observed an additional intrusion by the threat group behind the destructive TRITON malware at another critical infrastructure. This discovery came less than two years after the security firm discovered an attack in which
Publish At:2019-10-18 10:10 | Read:647 | Comments:0 | Tags:ICS Security Regulatory Compliance Energy Sector NIST

3 Trends in Support of a More Nuanced Approach to ICS Security

The security community has seen multiple high-profile incidents targeting industrial control systems (ICS) over the past few years. No one can forget Christmas 2015, when a threat actor linked to the Russian government sent spear-phishing emails to the Western Ukrainian power company Prykarpattyaoblenergo.Those messages were laced with BlackEnergy, a form of
Publish At:2017-03-27 12:15 | Read:5371 | Comments:0 | Tags:Featured Articles ICS Security ics malware security

The Subversive Six – Hidden Risk Points in Your ICS

I was lucky enough to be at the event at which Sean McBride initially spoke about potatoes. Who doesn’t love a good potato? It was actually a succinct outline of a process in agriculture that takes place every day, outlining pinch points of a potato harvester that could illicit physical harm to the workers performing their everyday jobs.It was a nice metapho
Publish At:2017-03-15 05:05 | Read:6701 | Comments:0 | Tags:Featured Articles ICS Security ics organization risk

More than 90% of IT Pros Expect More Attacks, Risk, and Vulnerability with IIoT in 2017

The Internet of Things (IoT) embodies great promise and risk. On the one hand, ordinary users view IoT as a means of streamlining their activities across billions of “smart” devices. They hope such connectivity will ultimately translate into better and easier lives. On the other hand, IoT devices aren’t always designed with security in mind
Publish At:2017-03-13 16:15 | Read:3804 | Comments:0 | Tags:Featured Articles ICS Security IIoT IT OT Vulnerability

Common Solutions for DevOps and Discrete Manufacturing

Near the bleeding edge of technology, there’s a lot of talk (and work) around DevOps and the use of containers for delivering services. This is a fast-paced environment where services are spun up and down to meet demand in an elastic cloud and code is shipped to production multiple times a day. It’s also an area where security is far from ‘figured out,’ but
Publish At:2017-03-08 04:11 | Read:4364 | Comments:0 | Tags:Featured Articles ICS Security DevOps Docker security

4 Tips for a Successful OT & IT Security Marriage

Securing critical infrastructure is becoming a priority for the public and private sectors. Cyber professionals everywhere are rejoicing about the increasing investments in protecting the networks and systems that keep us safe at night. The Oval Office has even signaled its intentions to make security a priority.We welcome the new administration’s desire for
Publish At:2017-02-15 03:15 | Read:5324 | Comments:0 | Tags:Featured Articles ICS Security IT OT security

ICS Sandbox: Diving into the ICS Threat Landscape at RSA Conference

During the second week of February, information security professionals will head over to San Francisco to attend RSA, one of The State of Security’s top 13 conferences for 2017. The conference is primarily focused on information security-related topics and typically draws over 45,000 attendees per year, making it one of the largest information security
Publish At:2017-02-02 01:45 | Read:4547 | Comments:0 | Tags:Featured Articles ICS Security Conference ics security

2016 Reflections on ICS Security

As the year approaches the end, it is a time to reflect on 2016 and industrial control systems (ICS) security. Why ICS security? Because securing ICS should be everyone’s concern. Consider the impact on this critical infrastructure and what it means to you.ImpactWhy?Your entertainment—watching movies on your TV or laptop, listening to music, etc.ICS are a cr
Publish At:2016-12-28 10:55 | Read:3673 | Comments:0 | Tags:Featured Articles ICS Security backdoor ics security spear-p


Share high-quality web security related articles with you:)


Tag Cloud