Ongoing Cyber Threats to U.S. Water and Wastewater Systems

This joint advisory is the result of analytic efforts between the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Agency (CISA), the Environmental Protection Agency (EPA), and the National Security Agency (NSA) to highlight ongoing malicious cyber activity—by both Read More …

US and EU to cooperate on tech standards, supply chain security and tech development

The United States and the European Union have started work on coordinating approaches across various technology areas, including AI and semiconductors, and tackling non-market policies that result in the misuse of technology. The plan was created on Wednesday after US Read More …

NSA-CISA Guidance: Selecting and Hardening Remote Access VPN Solutions

Virtual Private Networks (VPNs) allow users to remotely connect to a corporate network via a secure tunnel. Through this tunnel, users can take advantage of the internal services and protections normally offered to on-site users, such as email/collaboration tools, sensitive Read More …

Cybersecurity: Rising risk for airlines

After remaking their security procedures following the 9/11 attacks to stop airline hijackings, carriers are now faced with rising threats targeting computers and electronic equipment critical to their operations and safety. Since the tragedy 20 years ago on Saturday, airlines Read More …

The Evolution of Connected Cars as Defined by Threat Modeling UN R155-Listed Attack Vectors

The United Nations Regulation No. 155 sets provisions for cybersecurity and cyber security management systems in vehicles. A notable section of the document is Annex 5, which lists 69 attack vectors affecting vehicle cybersecurity. In order to help organizations comply Read More …

Cisco Releases Security Updates for Cisco Enterprise NFVIS

Cisco has released security updates to address a critical vulnerability affecting Cisco Enterprise Network Function Virtualization Infrastructure Software (NFVIS) Release 4.5.1. A remote attacker could exploit this vulnerability to take control of an affected system. For updates addressing lower severity Read More …

In space, no one can hear cyber security professionals scream

“Space is an invaluable domain, but it is also increasingly crowded and particularly susceptible to a range of cyber vulnerabilities and threats.” That’s not an overblown sci-fi movie strapline, but rather the chilling words of Gina Galasso, managing director of Read More …

Ransomware Awareness for Holidays and Weekends

CISA and the FBI have released an advisory warning of potential cyberattacks that may occur over the coming Labor Day weekend, noting that in recent years hackers have launched dozens of devastating attacks on long weekends. They urged organizations to Read More …

API Releases New Standard for Pipeline Control Systems

On August 18, 2021, the American Petroleum Institute (API) released the third edition of Standard 1164, Pipeline Control Systems Cybersecurity. The edition has been in development since 2017—a result of expert input from over 70 organizations, including the US’s Department Read More …