This is all part of the new global battlefield, where world powers don’t compete against each other directly using kinetic weapons, but rather constantly try to exploit each other’s weaknesses under the surface.
Category: Featured
VMware ESXi hypervisor vulnerability grants full admin privileges
Security researchers at Microsoft have discovered a vulnerability in VMware ESXi hypervisors that has been exploited by ransomware operators to gain full administrative access to a domain-joined hypervisor.
ICS malware FrostyGoop takes advantage of Modbus weakness, remains a threat to OT worldwide.
The malware leverages Modbus TCP communications to target operational technology assets — and can easily be repurposed to compromise other industrial controllers, putting widespread critical infrastructure at risk.
PKfail Secure Boot bypass lets attackers install UEFI malware
PKfail, a supply-chain issue, has affected hundreds of UEFI products for over 12 years, leaving nearly 900 devices vulnerable to malware installation. Vendors and users must follow best practices, apply updates and patches, monitor and protect devices, and replace test keys. Prompt firmware upgrades are advised, and devices using the leaked AMI PK should be disconnected from critical networks.
What can we learn from the 2024 CrowdStrike incident towards industrial cybersecurity?
CrowdStrike, an American cybersecurity firm, released a configuration update for its Falcon sensor software that inadvertently triggered a catastrophic chain reaction.
Understanding Zones and Conduits
Every professional who designs, configures, and maintains any type of control system needs to learn about zones and conduits, manage the new security requirements, and develop the necessary skills according to their function, even if they are not in industrial cybersecurity.