Critical Infrastructure

Black Hat 2020: Satellite Comms Globally Open to $300 Eavesdropping Hack
Posted on Thursday August 06, 2020

Attackers can listen in on internet traffic for high-value targets a continent away, like shipping fleets and oil installations, using some basic home-television gear.

Black Hat 2020: Using Botnets to Manipulate Energy Markets for Big Profits
Posted on Thursday August 06, 2020

Black Hat 2020 session discusses how high-wattage connected devices like dishwashers and heating systems can be recruited into botnets and used to manipulate energy markets.

Black Hat 2020: In a Turnaround, Voting Machine Vendor Embraces Ethical Hackers
Posted on Wednesday August 05, 2020

Voting machine technology seller Election Systems & Software (ES&S) offered an olive branch to security researchers with new safe harbor terms and vulnerability disclosure policies at Black Hat USA 2020.

Black Hat 2020: Scaling Mail-In Voting Spawns Broad Challenges
Posted on Wednesday August 05, 2020

Voting Village security celeb Matt Blaze delves into the logistics of scaling up mail-in voting ahead of November's election.

Podcast: Learning to ‘Speak the Language’ of OT Security Teams
Posted on Tuesday August 04, 2020

Andrew Ginter, VP Industrial Security at Waterfall Security Solutions, talks about the differing priorities between IT and OT security teams as industrial control systems become connected.

Critical Bugs in Utilities VPNs Could Cause Physical Damage
Posted on Wednesday July 29, 2020

Gear from Secomea, Moxa and HMS Networks are affected by remote code-execution flaws, researchers warn.

NSA Urgently Warns on Industrial Cyberattacks, Triconex Critical Bug
Posted on Friday July 24, 2020

Power plants, factories, oil and gas refineries and more are all in the sights of foreign adversaries, the U.S. warns.

CISA Emergency Directive Orders Immediate Fix of Windows DNS Server Bug
Posted on Friday July 17, 2020

An emergency directive orders some federal agencies to apply Microsoft’s patch for a critical DNS vulnerability by Friday, July 17 at 2 p.m. (ET).

‘Ripple20’ Bugs Impact Hundreds of Millions of Connected Devices
Posted on Tuesday June 16, 2020

The vulnerabilities affect everything from printers to insulin pumps to ICS gear.

Espionage Group Hits U.S. Utilities with Sophisticated Spy Tool
Posted on Tuesday June 09, 2020

The FlowCloud modular remote-access trojan (RAT) has overlaps with the LookBack malware.