Articles Tagged with ''critical infrastructure''

October marks Cybersecurity Awareness Month

Security experts comment on where efforts should be focused

October 1, 2021

National Cybersecurity Awareness Month (NCSAM) is now in its 18^th year. The theme for 2021 is ‘Do Your Part. #BeCyberSmart,’ helping to empower individuals and organizations to own their role in protecting their part of cyberspace.

New APT group attacking Russia's fuel and energy complex and aviation production industry

September 30, 2021

Researchers at the Positive Technologies Expert Security Center have identified a new, previously unknown APT group that has systematically attacked mainly Russia’s fuel and energy complex and aviation industry.

CISA releases de-escalation training series for critical infrastructure operators

September 24, 2021

The Cybersecurity and Infrastructure Security Agency created a new de-escalation series to help critical infrastructure owners and operators recognize, assess, de-escalate and report behaviors that raise concern.

Second farming cooperative shut down by ransomware this week

September 23, 2021

Crystal Valley, a Minnesota-based farming cooperative, has been hit by a ransomware attack, causing them to shut down their IT systems and their daily operations to be severely interrupted.

BlackMatter's ransomware attack on NEW Cooperative may impact food supply chain

BlackMatter is demanding a $5.9 million ransom

Maria Henriquez

September 21, 2021

Iowa-based grain cooperative NEW Cooperative Inc. was struck by BlackMatter ransomware recently and has shut down its computer systems as it tries to mitigate the attack. BlackMatter is demanding a $5.9 million ransom.

Pennsylvania Army National Guard hones in on cyber defense

September 20, 2021

An international training program helps Pennsylvania prepare for cyber threats and protect critical technology infrastructure in the state.

Cyber Tactics

Emerging technology, evolving threats — Part II: The asymmetry effect

John McClurg

September 2, 2021

A single application may have hundreds of thousands of vulnerabilities. Increasingly, cybercriminals are targeting people just as much if not more than the systems that underlie an infrastructure, which is why the trusted insider conundrum is exacting renewed attention. In most instances, they represent a cheaper and more accessible conduit to achieve one’s objective. What’s to be done?

Five trends complicating industrial automation cybersecurity and how a standards-based approach is the solution

Jennifer Halsey

September 2, 2021

Five trends, in particular, are complicating industrial automation cybersecurity and driving the increased need for a standards-based approach.

Register for the 2021 Insider Threat Virtual Security Conference

August 20, 2021

The 2021 Insider Threat Virtual Conference, hosted jointly by the Defense Counterintelligence Security Agency and the Office of the Under Secretary of Defense for Intelligence and Security, will bring together security professionals and policy makers across U.S. government and industry to kick off the National Insider Threat Awareness Month (NITAM) campaign. The theme for this year's conference and campaign is Cultural Awareness and Insider Threat.

BadAlloc vulnerability affects BlackBerry QNX Real Time Operating System

August 18, 2021

BlackBerry publicly disclosed that its QNX Real Time Operating System (RTOS) is affected by a BadAlloc vulnerability—CVE-2021-22156, with a CVSS score of 9. BadAlloc is a collection of 25 vulnerabilities affecting multiple RTOSs and supporting libraries of critical infrastructure organizations and other organizations developing, maintaining, supporting, or using affected QNX-based systems.

Retail security professionals are facing an increasingly complex array of security challenges — everything from organized retail crime to evolving cyber-physical threats and public safety concerns.