- April 07, 2015This research provides a comprehensive look into the security challenges and attacks on critical infrastructure that member states of the Organization of American States had to face in 2014.
- April 04, 2015SCADA devices do not differ from IT devices in that they also require redundancy, security, reduced costs, and uptime. There are several ways that SCADA in the cloud can be approached and installed, but each has their own potential security issues.
- March 31, 2015The security of an enterprise is not only dependent on the organization itself, but also on the security of their IT supply chain and contractors. These represent potential weak points into the security of any organization.
- February 10, 2015Attackers are actively attempting to compromise Internet-facing gas pump monitoring systems. We began searching for these devices to see if we could glean any intelligence on attacks that have occurred against these devices.
- January 12, 2015A cyber attack on a German steel plant has been confirmed to suffer a significant amount of damage, putting the spotlight on the evident lack of security across a number of different critical facilities and institutions.
- December 16, 2014During a security evaluation of AIS, we found that both the implementation, as well as the protocol specification of AIS, is affected by several threats, from spoofing and hijacking to availability disruption.
- December 01, 2014The United States Industrial Control System Cyber Emergency Response Team recently released an advisory warning operators of industrial control systems that there is an active cyber crime campaign targeting them with Trojans and backdoor attacks.
- October 16, 2014After beginning an investigation into the affiliated malware samples and domains used by the Sandworm team, we found that the group is likely targeting SCADA-centric victims using GE Intelligent Platform’s CIMPLICITY HMI solution suite.
- July 12, 2014Ninety-six percent of enterprises think they know what targeted attack campaigns are. But studies show that more than half can't even differentiate between traditional threats and actual attacks. How far is enterprise perception on their targeted attack pr