A severe vulnerability in Rockwell Automation software used to configure programmable logic controllers could allow attackers to remotely execute malicious code. The vulnerability is rated 8.8 on the CVSS v4 scale. The U.S. Cybersecurity and Infrastructure Security Agency advised immediate patching.
Preparing healthcare organizations to respond to and rebound from a disruptive ransomware attack is akin to implementing a "12-step program," said Dr. Eric Liederman, CEO of consultancy CyberSolutionsMD and recently retired long-serving director of medical informatics at Kaiser Permanente.
Excessive deployment of remote access tools in operational technology environments expands attack surfaces and creates operational challenges, warn security researchers from Claroty. Remote access tools are essential, but they introduce numerous potential vulnerabilities that threat actors exploit.
Critical infrastructure encompasses the essential services and assets vital to the functioning of society and the economy. Specializing in security in this field requires a deep understanding of the challenges and threats facing sectors such as energy, transportation, healthcare and water systems.
An artificial intelligence-fueled growth in data center construction has the federal government asking what it should do to help manage data security risks. The NTIA is interested in identifying opportunities "to improve data centers’ market development, supply chain resilience, and data security."
Centralized architecture in the automotive industry streamlines cybersecurity and supply chain operations by reducing hardware components and enabling quicker fixes. But that centralization also poses major cybersecurity challenges, said Thomas Sermpinis, technical director at Auxilium Pentest Labs.
Piotr Ciepiela, EMEIA cybersecurity leader at EY, discusses the challenges of securing OT systems and contrasts them with IT SOC environments. He emphasizes the need for specialized tools, dedicated personnel and strong collaboration with engineering teams to manage OT SOC operations.
As concerns grow about China's cyberthreat to U.S. critical infrastructure, Scythe founder and CEO Bryson Bort suggests the actual risk may not be as severe as feared. He explains the factors that might limit China's cyber activities and the real strategic vulnerabilities that could be targeted.
Aftin Ross, deputy director of the Office of Readiness and Response at FDA's Center for Devices and Radiological Health, discusses the latest medical device cybersecurity regulations, industry collaboration and manufacturers' efforts to address vulnerabilities and ensure patient safety.
Cyber threats against the U.S. water sector are growing but the main federal regulatory agency that oversees it may be stymied by a lack of cooperation from sector operators, concludes a Government Accountability Office report. Attacks against the water sector have mounted steadily.
A vulnerability in Rockwell Automation's ControlLogix 1756 devices allows attackers to bypass a critical security feature, turning the trusted slot mechanism into a hacker's secret passageway to jump between slots and gain access to industrial control systems.
Hackers used novel malware to knock out the heating system for 600 apartment buildings during the winter in Ukraine, in a development that poses a wider threat for critical infrastructure. Cybersecurity researchers at Dragos on Tuesday dubbed the new malware "FrostyGoop."
The interconnectedness of medical devices, which generate data that can be distributed to multiple systems that are often managed by different policies, presents privacy concerns that device manufacturers must address, said Adam Hesse, CEO of Full Spectrum.
A new artificial intelligence-based protection system developed by the German government-funded SecDER project is revolutionizing the security of virtual power plants by detecting cyberattacks and predicting failures, according to Fraunhofer SIT Institute Darmstadt.
The deployment of an asset management platform is helping Main Line Health gain deeper visibility and better security over the 100,000-plus medical devices and IoT gear used throughout the group's multiple hospitals and medical facilities, said CISO Aaron Weismann, who discusses the implementation.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing paymentsecurity.io, you agree to our use of cookies.