Uncategorized

Cyber-attacks: the US gets up and back in the ring 2.

After the previous introductory post, here are the main developments! A few days after the Colonial Pipeline incident, a Presidential Executive Order on Improving the Nation’s Cybersecurity (May 12, 2021) was issued. Its most important elements are: A shift from a response-centric to a prevention-centric strategy substantially improving the exchange of information between government and …

Cyber-attacks: the US gets up and back in the ring 2. Read More »

SeConSys website has been relaunched

SeConSys cooperation for the cyber security of the electricity system: website has been relaunched Leading Hungarian electricity ICS* manufacturers and cybersecurity companies agreed in December 2018 that their cooperation is useful – even necessary – to strengthen the cybersecurity of the electricity system. Hungarian electricity companies and relevant public organisations joined the initiative within a …

SeConSys website has been relaunched Read More »

Backlog

Alongside the work on the relaunched website, the sharing of new content of interest has been a little slow. Today we’re working on the backlog…  25 MayFireEye’s experience and recommendations on the cyber security of OT systems: Crimes of Opportunity: Increasing Frequency of Low Sophistication Operational Technology Compromises | FireEye Inc 27 May Presentations and …

Backlog Read More »

Cyber attacks: the US gets up and back in the ring 1.

The US has been hit by a number of cyberspace “stomach-churners” in the last six months. The SolarWinds/Orion incident highlighted the vulnerability of the software supply chain, while the Colonial Pipeline ransomware attack highlighted the threat of disruption of the technology process through IT. Although the incoming Biden administration had intended to make cybersecurity a …

Cyber attacks: the US gets up and back in the ring 1. Read More »

VPNFilter, 3 years later

Guest post from the ICS cyber security blog: VPNFilter, 3 years later Later life of a botnet affecting ICS systems During 2018, I have written several times about the VPNFilter malware, which (among many other incidents) was responsible for an attack on the ICS systems of a Ukrainian water utility company. Two and a half …

VPNFilter, 3 years later Read More »

ICS rendszereket támadó csoportok XII: Talonite/APT10

Az ICS cyber security blog vendégposztja: ICS rendszereket támadó csoportok XII: Talonite/APT10 május 15. – icscybersec Az APT10 (Dragos terminológia szerint Talonite) az egyik legrégebben aktív, ICS rendszereket támadó csoport. Módszereik közé kártékony kódot tartalmazó csatolmányokkal ellátott adathalász e-mailek és egyedi malware-ek tartoznak, célpontjaik pedig főként amerikai, japán és tajvani villamosenergia-ipari cégek. Bár az egyes csoportok nemzetiségéről …

ICS rendszereket támadó csoportok XII: Talonite/APT10 Read More »