Industrial Cyber Security Blog

Recent Posts

URGENT/11 – New ICS Threat Signatures by Nozomi Networks Labs

A well-known RTOS (Real-Time Operating System), widely used in industrial sectors, is at risk from a series of 11 vulnerabilities dubbed URGENT/11.

Nozomi Networks Labs conducted research on the vulnerable devices and has released threat signatures for URGENT/11 that identify threats in typical industrial networks without generating high numbers of false positive alerts.

Speeding IT Visibility into OT: New Integrations with Fortinet

Fortinet and Nozomi Networks achieve another partnership milestone with two new integrations that help eliminate the gap between IT and OT. Nozomi Networks Guardian is now comprehensively integrated with FortiGate, FortiNAC, and FortiSIEM.

Learn how these integrations deliver full visibility across IT and OT environments, improve access control and speed incident response.

Nozomi Networks Cyber Security Solution Embedded in RUGGEDCOM

Nozomi Networks is bundling its real-time ICS cyber security and visibility solution on the new RUGGEDCOM RX15xx Multi-Service Platform from Siemens AG.

Read on to learn how this industrial networking platform with embedded security improves operational resiliency with minimal rackspace and streamlined deployment.

Recent Labs Posts

What You Need to Know About LookBack Malware & How to Detect It

On August 1, security researchers at Proofpoint reported the details of a spearphishing campaign targeting three different United States utility companies using malware called “LookBack.” The spearphishing emails contained a malicious Microsoft Word attachment that installed a Remote Access Trojan (RAT) capable of performing activities like deleting files, taking screenshots, rebooting machines, and then deleting itself from an infected network.

Learn more about LookBack malware and how you can detect it.

Advances in Cyber Security for Electric Utilities: WG15 & Black Hat

As a passionate champion for secure-by-design power grid systems, I’ve been part of WG15, the group defining IEC 62351 standards to enable such systems, for years.

If you’d like to learn about the future of cyber security for electric utilities, I urge you to read this article. It also provides a sneak peek into our related (and groundbreaking!) talk about power system security at Black Hat USA 2019.

Nozomi Networks Labs Finds New Rockwell PLC Vulnerability

Today, the U.S. Department of Homeland Security issued ICS CERT Advisory (ICSA-19-120-01) concerning Rockwell Automation CompactLogix controllers.

Nozomi Networks responsibly disclosed the vulnerability to CISA and Rockwell Automation.

Read on to learn about our findings and gain a better understanding of the cyber risks of legacy devices.