Critical MQTT-Related Bugs Open Industrial Networks to RCE Via Moxa

Critical security vulnerabilities in Moxa’s MXview web-based network management system open the door to an unauthenticated remote code execution (RCE) as SYSTEM on any unpatched MXview server, researchers warned this week. The five bugs, affecting versions 3.x to 3.2.2, score Read More …

Oil terminals disrupted after European ports hit by cyberattack

Port facilities in Belgium, Germany, and the Netherlands have been targeted by a large-scale cyberattack, authorities say. Officials say the hack began several days ago and has primarily disrupted operations at oil terminals, preventing tankers from delivering energy supplies. German Read More …

DHS Launches First-Ever Cyber Safety Review Board

WASHINGTON – Today, the U.S. Department of Homeland Security (DHS) announced the establishment of the Cyber Safety Review Board (CSRB), as directed in President Biden’s Executive Order 14028 on Improving the Nation’s Cybersecurity. The CSRB is an unprecedented public-private initiative Read More …

U.S. unveils plan to improve cyber defenses for water utilities

The White House on Thursday unveiled a plan to beef up cybersecurity in the nation’s water sector, an extension of its efforts to thwart attacks against critical infrastructure including electricity and natural gas pipeline operators. Senior administration officials said water Read More …

Brazilian Ministry of Health recovers systems over a month after cyberattack

After a major cyberattack brought key systems of Brazil’s Ministry of Health (MoH) to a halt, the department has reported all its platforms are back online. According to a statement released by the MoH on Friday (14), most systems have Read More …

The race towards renewable energy is creating new cybersecurity risks

The renewable energy industry is becoming more important as countries attempt to move away from fossil fuels, but the continued growth of the sector must be managed with cybersecurity in mind, or there’s the danger that vulnerabilities in everything from Read More …

Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure

This joint Cybersecurity Advisory (CSA)—authored by the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA)—is part of our continuing cybersecurity mission to warn organizations of cyber threats and help the cybersecurity community Read More …

TSA to impose cybersecurity mandates on railroad and aviation industries

The Transportation Security Administration will impose new cybersecurity mandates on the railroad and airline industries, including reporting requirements as part of a department effort to force compliance in the wake of high-profile cyberattacks on critical industries, Homeland Security Secretary Alejandro Read More …

Fulfilling Security Requirements for the Transportation Sector

Protecting our critical infrastructure against the threat of ransomware remains a top priority for both the private sector and the federal government. In fact, a recent survey from Tripwire found that security professionals in both sectors still identify ransomware as Read More …