OT & IoT
Security Blog
Learn More About OT & IoT Security and Visibility
OT & IoT Security Blog
Learn More About OT & IoT Security and Visibility
The Cyber Risks of Transportation’s Connected OT/IoT Systems
Cyberattacks on transportation OT systems could disrupt port management, customs approval processes or facilitate the import of illegal goods.
SolarWinds Cyberattack: Layered OT Security Creates Best Defense
Technology boundaries can lessen the impact of nation state threats like the SolarWinds cyberattack, and help expose APTs in your OT network.
New Reolink P2P Vulnerabilities Show IoT Security Camera Risks
Nozomi Networks Labs has discovered vulnerabilities in the Peer-to-Peer (P2P) feature of a commonly used line of security cameras – Reolink. P2P is used by several vendors and, if your CCTV camera has this feature, it’s important to understand the potential security risks.
CISA Alert: Sophisticated, Ongoing Cyberattacks Go Beyond SolarWinds
CISA warns government agencies & critical infrastructure providers about sophisticated APT cyberattacks that go beyond breaching the SolarWinds Orion platform.
Focus of OT and IoT Cybersecurity in Australia’s Critical Infrastructure
The Australian Government’s approach to OT/IoT security is a significant step forward, but great challenges still exist for critical infrastructure.
New Threat Intelligence Reveals Misuse of DNS Protocol
Nozomi Networks Labs has uncovered new misuse of the DNS protocol that opens the door to significant threats in the future. We urge security teams to familiarize themselves with this new threat intelligence and centrally monitor their systems for problematic network traffic.
The U.S. Government is Creating Security Standards for IoT Devices
A new Internet of Things bill directs NIST to create minimum cybersecurity standards for IoT devices owned or controlled by the U.S. government.
New Partnerships Boost OT/IoT Security Across Digital Environments
To help critical infrastructure and industrial operators leverage multi-platform environments, Nozomi Networks has partnered with two major suppliers.
CMMC Compliance Made Easy With the Nozomi Networks Solution
The Cybersecurity Maturity Model Certification (CMMC) is now required for bids on U.S. Dept. of Defense contracts. Find out how the Nozomi Networks solution makes compliance as efficient as possible.
Why Your OT/IoT Network Needs “Always On” Security and Visibility
Without “always on” security, you could miss significant indicators of malicious activity, and risk an OT security breach or downtime.
Massive IoT Disruption Coming to an OT Network Near You
Adoption of IoT will be highly disruptive for many OT environments. The use of billions of IoT devices will force critical infrastructure and industrial operators to adapt their device management and security workflow.
U.S. Sanctions Russia for Cyberattacks: Critical Infrastructure At Risk
The U.S government recently issued sanctions against Russia related to the milestone TRITON malware attack of 2017.
No Results Found
The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.
Enhanced Product Security Incident Response Reduces Customer Risk
Our Product Security Incident Response Team (PSIRT) contacts and security bulletins are now public, as part of our commitment to customer security.
Ripple20 – New Zero-Day Vulnerabilities Send Shockwaves Across IoT
Two things make Ripple20 IT/OT/IoT vulnerabilities especially concerning: the potential impact that can be achieved by their exploitation, and the difficulty of finding and tracking all instances of the vulnerable library.
IEC 61850 Meets IEC 62351: Securing GOOSE Power Grid Weaknesses
Nozomi Networks CTO Moreno Carullo explains how IEC 62351-6 can be used to secure IEC 61850 GOOSE protocol defects & increase ICS security for substations.
Dark Nexus IoT Botnet: Analyzing and Detecting its Network Activity
Dark Nexus is an IoT botnet that uses DDoS attacks for financial gain. Nozomi Networks security researchers have analyzed its network behavior.
COVID-19 Chinoxy Backdoor: A Network Perspective
A prolific threat actor, active in Asia, sends documents to people in Kyrgyzstan about how the United Nations is helping to fight COVID-19.
Nozomi Networks Labs examines how network traffic analysis can detect this specific threat.
OT/IoT Security Superheroes: Tackling the Remote Employee Challenge
While the world is grappling with the COVID-19 pandemic, nation-state and other threat actors are capitalizing on the climate of fear, uncertainty and doubt to find OT and IoT security gaps and orchestrate new cyberattacks.
COVID-19 (coronavirus) Malware: New OT and IoT Security Tools
While the world is grappling with the COVID-19 pandemic, nation-state and other threat actors are capitalizing on the climate of fear, uncertainty and doubt to find OT and IoT security gaps and orchestrate new cyberattacks.
Act Now on Critical Microsoft SMB Vulnerability (CVE-2020-0796)
On March 10th, Microsoft published a security advisory of critical severity for CVE-2020-0796, which is a remote code execution vulnerability affecting the Microsoft Server Message Block 3.1.1 (SMBv3).
Recent Ransomware Threatens OT Security, Reputation and GDPR Fines
Last week we reported that a new wave of ransomware is threatening OT security. The Snake file encrypting ransomware, for example, includes code that has the explicit goal of causing process disruption.
New Wave of Ransomware Threatens OT Security and Reliability
A new development in malware threats is ransomware that threatens OT security and aims to disrupt OT systems. For example, recently we wrote about the Snake file encrypting ransomware, which was similar to the preceding Megacortex malware. Both threats include code...
Snake Ransomware is Raising Concerns for Industrial Controls Systems
A recently discovered file-encrypting ransomware is raising concerns for industrial control system (ICS) operators.
Read on to learn what we now know about the Snake ransomware, and our recommendations for protecting your ICS systems.
URGENT/11 – New ICS Threat Signatures by Nozomi Networks Labs
A well-known RTOS (Real-Time Operating System), widely used in industrial sectors, is at risk from a series of 11 vulnerabilities dubbed URGENT/11.
Nozomi Networks Labs conducted research on the vulnerable devices and has released threat signatures for URGENT/11 that identify threats in typical industrial networks without generating high numbers of false positive alerts.
No Results Found
The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.
Leonardo Partnership Boosts Critical Infrastructure Cyber Security
Power grids, transportation systems and other critical industrial infrastructure are the backbone of life – without them world economies would quickly come to a screeching halt. That’s why the partnership between global aerospace, defense and security leader Leonardo, and Nozomi Networks is more than just timely.
Nozomi Networks Integrates with Palo Alto Networks Next-Generation Firewall
Without comprehensive, real-time visibility of industrial control system (ICS) networks, devices and process status, protecting control networks from cyberattacks and avoiding operational disruptions is a serious challenge. Over the last half-decade, Nozomi Networks has built a successful reputation providing a solution to this very problem by offering a non-intrusive, real-time monitoring and threat detection solutionbuilt for ICS.
Now, Nozomi Networks has extended the utility and reach of Nozomi Networks Guardian through an integration with the Palo Alto Networks Next-Generation Firewall (NGFW). Find out why Nozomi Networks chose to integrate with this leading firewall and how the companies’ offerings work in tandem to help bridge the IT/OT gap.
Nozomi Networks Selected by FireEye for ICS Depth & Technical Excellence
Malware attacks like WannaCry, Dragonfly 2 and Industroyer have brought industrial cyber threats to the attention of corporate boards and governments around the world. As a result, CISOs and those responsible for critical infrastructure are demanding real, enterprise-grade OT security solutions. Many are reaching out to trusted partners in IT security, looking for help in securing their industrial control networks.
This is the driver behind our new partnership with FireEye. FireEye’s customers include more than 40% of the Forbes Global 2000 and they depend on FireEye to eliminate the complexity and burden of cyber security for them.
To help extend its ICS cyber security offerings, FireEye recently thoroughly analyzed the market for ICS network security monitoring solutions. We’re happy to announce today that our solution has been selected by FireEye to provide cyber security visibility and threat detection for industrial control systems. Find out why our technical excellence and ICS expertise stands out from the crowd.
Advance IT / ICS Cyber Security with Nozomi Networks and Fortinet
In the future, an organization’s cyber security strategy will largely be defined by how well both OT and IT networks can integrate to bring improved vigilance, visibility and protection. In today’s connected world this is more important than ever.
Recently, Nozomi Networks had the privilege of speaking at the 2017 Fortinet 361 event in Vienna, Austria, where IT / OT cyber resilience was a hot topic. I was pleased to discover that many attendees were interested in Fortinet’s commitment to OT (Operations Technology) and ICS (Industrial Control Systems) cyber security. They were also eager to learn how Nozomi Networks is helping Fortinet extend their security offering into the industrial realm with our technology.
If you’re interested in improving IT / ICS cyber security, read on to find out more about the synergetic partnership between Fortinet and Nozomi Networks, and how our products provide the critical ICS cyber security thread for Fortinet Security Fabric.
THE LATEST LABS BLOGS
Colonial Pipeline Ransomware Attack: Revealing How DarkSide Works
The Colonial Pipeline ransomware attack is one of the most notable critical infrastructure breaches of recent years. Learn the encryption, anti-detection and other techniques used by DarkSide’s main executable so you can evaluate your own defenses. Includes IoCs and a decryption script for detection.
JTEKT TOYOPUC products – CVE-2021-27458
An attacker could prevent Ethernet communication from being established in the affected products by manipulating the link parameter or changing its state. JTEKT Corporation recommends that users apply the suggested mitigation so an unauthorized user cannot stop the...
Threat Intelligence: Analysis of the SBIDIOT IoT Malware
Billions of IoT devices are used in the industrial sector and threat actors are quickly evolving new malware focused on them. Don’t miss this analysis of the SBIDIOT IoT malware to learn how it communicates with targets and what types of commands it supports. Includes IOCs.