Critical Infrastructure Protection

April 19, 2021

A “high-level manager” of the FIN7 hacking group has been sentenced to ten years in prison. The planned $40bn (£29bn) sale of UK-based chip designer Arm Holdings will be scrutinised by regulators over potential national security concerns after an intervention by the government. Digital secretary Oliver Dowden has stepped in after current owner, Japanese conglomerate Softbank, agreed ...

April 19, 2021

Industrial robots are the core of the automation of manufacturing processes in smart factories, and are the most important components as they support the manufacture of all kinds of products such as automobiles, aircraft, processed foods, and pharmaceuticals. In addition, as equipment that realizes unmanned manufacturing in the post-COVID-19 world where minimal or no contact ...

April 16, 2021

The Feds are warning that nation-state actors are once again after U.S. assets, this time in a spate of cyberattacks that exploit five vulnerabilities that affect VPN solutions, collaboration-suite software and virtualization technologies. According to the U.S. National Security Agency (NSA), which issued an alert Thursday, the advanced persistent threat (APT) group known as APT29 (a.k.a. ...

April 15, 2021

The White House is reportedly moving swiftly forward with a plan to harden the security of the US power grid against hacking attacks. According to Bloomberg, the Biden administration has a plan to dramatically improve how power utilities defend themselves against attacks from countries considered to be adversaries in cyberspace – such as Russia, Iran, North ...

April 15, 2021

Russia’s infamous APT 29, aka Cozy Bear, was behind the SolarWinds Orion attack, the US and UK governments said today as America slapped sanctions on Russian infosec companies as well as expelling diplomats from that country’s US embassy. One of the sanctioned companies is Positive Technologies, familiar in the West for, among other things, in-depth research ...

April 15, 2021

The Victorian government plans to invest a total of AU$30 million to upgrade and modernise the IT infrastructure of 28 of the state’s hospitals and health services in a bid to guard against further cyber attacks. The AU$30 million will be divided amongst hospitals across Melbourne and regional and rural health services. Melbourne hospitals will receive ...

April 14, 2021

More networks, industries, and machines will be interconnected as 5G become more widely available, making security an even bigger challenge for businesses in Asia-Pacific. Along with this, they also will have to deal with the increased complexity of managing 5G infrastructures, including the use of network slicing. Beyond just providing consumers with faster data speeds, the ...

April 13, 2021

High-profile security incidents in the past decade have brought increased scrutiny to cyber security for operational technology (OT). However, there is a continued perception across critical infrastructure organizations that OT networks are isolated from public networks—such as the Internet. In Mandiant’s experience, the concept of an ‘air gap’ separating OT assets from external networks rarely ...

April 13, 2021

The US Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to install newly released Microsoft Exchange security updates by Friday. Today, Microsoft released security updates for four Microsoft Exchange vulnerabilities discovered by the NSA. These Exchange vulnerabilities are capable of remote code execution, with two vulnerabilities not requiring attackers to authenticate first. Read more… Source: Bleeping Computer Related story: ...