An ICS Cyber Security Storm is Brewing: How to Prevent Staff Burnout

An ICS Cyber Security Storm is Brewing: How to Prevent Staff Burnout

Building cyber resiliency puts a lot of pressure on an organization’s security team. It requires specialized knowledge that takes time to develop, and there just aren’t enough skilled cyber experts to go around.

Which begs the question: are the limited number of security experts holding the front lines in danger of burnout – and what can we do about it?

What You Need to Know About LookBack Malware & How to Detect It

What You Need to Know About LookBack Malware & How to Detect It

On August 1, security researchers at Proofpoint reported the details of spearphishing campaign targeting three different United States utility companies using a malware called “LookBack.” The spearphishing emails contained a malicious Microsoft Word attachment that installed a Remote Access Trojan (RAT) capable of performing activities like deleting files, taking screenshots, rebooting machines, and then deleting itself from an infected network.

Learn more about LookBack malware and how you can detect it.

Advances in Cyber Security for Electric Utilities: WG15 & Black Hat

Advances in Cyber Security for Electric Utilities: WG15 & Black Hat

As a passionate champion for secure-by-design power grid systems, I’ve been part of WG15, the group defining IEC 62351 standards to enable such systems, for years.

If you’d like to learn about the future of cyber security for electric utilities, I urge you to read this article. It also provides a sneak peek into our related (and groundbreaking!) talk about power system security at Black Hat USA 2019.

Nozomi Networks Labs Finds New Rockwell PLC Vulnerability

Nozomi Networks Labs Finds New Rockwell PLC Vulnerability

Today, the U.S. Department of Homeland Security issued ICS CERT Advisory (ICSA-19-120-01) concerning Rockwell Automation CompactLogix controllers.

Nozomi Networks responsibly disclosed the vulnerability to CISA and Rockwell Automation.

Read on to learn about our findings and gain a better understanding of the cyber risks of legacy devices.