The industrial cyber threat landscape is constantly changing with new adversaries, vulnerabilities, and attacks that put operations and safety at risk.
The Dragos Year in Review summarizes what you need to know to protect your critical assets, including:
Findings from incident response and threat hunts
In 2021, there was a spike in cybercrime, and the focus changed for threat actors from several countries, particularly Russia and China. Cybersecurity firm CrowdStrike provides an overview of the changes, analyzes the takedown of Russian threat actor REvil and adds to its list of adversaries.
Malware operators are increasingly targeting ONG and related energy industries to further political, economic, and national security goals. Their activity threatens the availability of industrial technologies and safety of those operating them. Industrial asset owners and operators can defend against these threat...
Employees with too much access can pose an insider threat. When employees have access to more than they need to do their job, there are more opportunities for mistakes, whether accidental or not. Lack of accountability means you don’t know who did what, when. If too many people have the same level of access and...
The ability to evade detection by traditional endpoint detection tools, easy availability of valid credentials, access to code vulnerabilities, increased persistence and ease of lateral movement are causing an increasing number of threat actors to choose malware-free options, CrowdStrike says.
Cyberattacks in the aviation sector over the past several years have been tied to a single advanced persistent threat group named TA2541, which - since at least 2017 - has consistently used more than a dozen remote access Trojans to control compromised machines, according to a report from Proofpoint.
In a declassified letter to CIA Director William Burns and DNI Avril Haines from 2021, two U.S. senators urged transparency around alleged "bulk surveillance" conducted by the CIA in response to now-declassified documents compiled by the Privacy and Civil Liberties Oversight Board.
Due to disruptive events felt globally, operational resilience has grown in importance for banks and regulators. Banks can no longer simply prepare for “what if” scenarios; they must assume those scenarios will happen and prove they have a way to continue business as usual.
Download this eBook to learn how...
Israeli officials announced they will set up a commission of inquiry to investigate reports that the nation's police force used the flagship spyware of Israeli firm NSO Group, called Pegasus, to hack the phones of Israeli public officials, journalists and activists.
In a report published Monday, Symantec's Threat Hunter Team outlines a specific Russian cyberespionage campaign conducted on a Ukrainian network in 2021 - which comes as Russia has amassed 100,000 or more troops at Ukraine's eastern border while it reportedly mulls invasion.
Britain's National Cyber Security Center has launched a trial vulnerability management project called Scanning Made Easy, designed to empower small and midsize organizations to identify if critical software flaws are present in their IT infrastructure, so they can be targeted for remediation.
Customer service is more than a buzzword; it's the cornerstone of an organization’s customer experience (CX) strategy. The contact center plays a pivotal role in this strategy. The challenge for modern contact center decision makers is to balance the need for outstanding CX with robust security. Artificial...
The Log4j vulnerability caused plenty of stress for tech practitioners, and while it’s likely under control now, it’s essential to take the opportunity to learn from these events to improve security.
Join this interactive session to review what the latest Zero Day threat taught us about current security...
The U.S. Department of Homeland Security is reportedly warning that the U.S. could witness a retaliatory cyberattack at the hands of Russia if it decides to respond to the latter's potential invasion of Ukraine, where 100,000 or more troops have been amassed for weeks.
FS-ISAC is piloting a new program called the Critical Providers Program that aims to heighten the conversation between leaders of security firms and their third-party partners. The program leverages the Connect platform, and Akamai Technologies plays a key role.