Here's one reason why Iranian state hackers may have been able to target Israeli-made pressure-monitoring controllers used by American water systems: Nearly 150 of the controllers are exposed to the internet - and some still use the default password 1111.
The U.S. Cybersecurity and Infrastructure Security Agency urged critical infrastructure owners to patch systems after publishing a warning that Chinese hackers are evading detection and maintaining persistent unauthorized access in U.S. information technology environments.
As industrial organizations continue to digitize their operations, they are pulling production data from across their operations into IT systems. As more OT systems are connected to enterprise IT networks, this data can be shared to help drive business growth. But with this increased connectivity comes increased risk....
The Russian military hacked into surveillance cameras to spy on Ukrainian air defenses and Kyiv's critical infrastructure during the missile and drone strikes on the capital city Tuesday. Ukraine has blocked and dismantled the cameras, and it urged users to stop sharing security camera feeds online.
Legacy medical gear continues to pose big cyber challenges to healthcare entities. A joint report by the Food and Drug Administration and MITRE Corp. emphasizes the importance of entities taking a consistent risk-based approach to managing these and other devices, said Jessica Wilkerson of the FDA.
As a legacy protocol, DICOM lacks proper security measures, and as the healthcare industry modernizes and moves to the cloud, there is a significant risk of patient data exposure, said Sina Yazdanmehr, a senior IT security consultant at Aplite.
In the latest weekly update, editors at Information Security Media Group discuss why a growing number of U.S. and Canadian hospitals have been forced to turn away patients because of cyberattacks, innovations that have surfaced during the Israel-Hamas war and the future of industrial automation.
Microsoft spent the past year testing how generative AI can boost productivity, accelerate learning curves and drive collaboration for itself, its partners and its customers. Microsoft infuses generative AI into every product it builds and now uses generative AI to build generative AI capabilities.
Heavy reliance on legacy systems by the manufacturing organizations have led to cyberattacks becoming more frequent, complex and nuanced over the past two years. Rockwell Automation has sought to build cyber resilience and mitigate risk in industrial operations.
Rockwell's automation efforts have moved away from a purely programmed approach to one that combines programming and self-learning based on specified parameters. Rockwell trained autonomous vehicles using real-time learning and millions of images that capture optimal behavior by human drivers.
Rockwell Automation's acquisition of industrial cybersecurity vendor Verve will help businesses better handle one of the biggest challenges with critical infrastructure: asset identification. Industrial organizations need to manage plants located all over the world, and some of them are very old.
Unveiling a vision of factory workers using AI chatbots to control the assembly line, fix production issues and develop code, Rockwell Automation plans to buy an industrial cybersecurity vendor and team up with Microsoft's generative AI practice to speed automation design and development.
Tenable held steady atop Forrester's vulnerability risk management rankings while Vulcan Cyber broke into the leaders category and Rapid7 and Qualys tumbled from the leaderboard. The way vendors deliver vulnerability management has shifted away from ingesting vulnerability assessment results.
This week, Bitsight found a lot of internet-exposed industrial control systems, Apple issued new patches, Sony confirmed a data breach, Google and Yahoo tackled spam, Qualcomm patched three zero-days, Cisco revealed zero-day exploits in VPN, and the FBI warned of twin attacks.
In our latest weekly update, ISMG editors discuss key takeaways from a forum on developing a strategy for OT security, guidance issued by the U.S. Food and Drug Administration on cybersecurity in medical devices, and how the acquisition of Splunk by Cisco might affect the cybersecurity industry.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ransomware.databreachtoday.com, you agree to our use of cookies.