Critical Infrastructure
Response to CISA Advisory (AA24-326A): Enhancing Cyber Resilience: Insights from CISA Red Team Assessment of a US Critical Infrastructure Sector Organization
Ayelen Torello | adversary emulation, CISA Alert, Critical Infrastructure, cyber resilience, Cybersecurity Advisory (CSA), Red Team Assessment (RTA), Red Teaming
In response to the recently published CISA Advisory (AA24-326A), which highlights the CISA Red Team's simulation of real-world malicious cyber operations, AttackIQ has provided actionable recommendations to help organizations emulate these attacks ...

Protecting Critical Infrastructure with Zero-Trust and Microsegmentation
Ransomware attacks are increasingly targeting critical infrastructure — essential systems like energy, water, transportation and finance. In 2023 alone, over 40% of attacks hit these sectors, according to the FBI. Meanwhile, agencies ...
Security Boulevard

Bridging the Gap: The Challenges of IT and OT Convergence
Joe Ariganello | Blog, Compliance, Critical Infrastructure, Infrastructure, IT, OT, regulations, Regulations & Compliance
Operational Technology (OT) networks and Industrial Control Systems, the backbone of critical infrastructure, have traditionally operated in isolation and been designed more for reliability and efficiency than security. The increasing convergence of IT ...

Emulating the Destructive WhisperGate Malware
Ayelen Torello | adversary emulation, Critical Infrastructure, Cybersecurity Advisory (CSA), Malware, Ukraine, WhisperGate
AttackIQ has released a new attack graph that seeks to emulate the Tactics, Techniques and Procedures (TTPs) associated with the destructive WhisperGate malware.

Cybersecurity Insights with Contrast CISO David Lindner | 11/8/24
David Lindner, Director, Application Security | ADR, automatic updates, Critical Infrastructure, SIEM, Thought Leaders
Insight #1: Time for a new SIEM? Make it ADR-compatible. When evaluating modern security information and event management (SIEM) solutions, prioritize those with robust integrations for Application Detection and Response (ADR). This ...

Strengthening Critical Infrastructure Defense: Shifting to an Exposure Management Mindset
A recent alert jointly issued by a myriad of governmental agencies including CISA, FBI, EPA, DOE, NSA and NCSC-UK has spotlighted activities by Russians targeting U.S. and European critical infrastructure ...
Security Boulevard

Biggest Ever DDoS is Threat to OT Critical Infrastructure
Richi Jennings | Analyzing DDoS Attacks, application-layer DDoS attacks, Cloudflare DDoS Protection, Critical Infrastructure, critical infrastructure attack, critical infrastructure attacks, Critical Infrastructure Security and Resilience Month, cyber attack on critical infrastructure, ddos, DDoS amplification, DDoS attack, distributed denial of service, Distributed denial of service (DDoS) attacks, distributed denial of service attack, ICS, ICS/SCADA systems, industrial control systems, Infrastructure, iot, operational technologies, operational technology, operational technology security, OT, SB Blogwatch, US critical infrastructure
Egyptian River Floods: Operational technology (OT) targeted in “world record” 3.8 Tb/s distributed denial of service (DDoS) ...
Security Boulevard

“Hacking” an Election is Harder Than You Think – But Security is Still a Priority
By understanding attackers’ true goals, prioritizing transparency, and winning the optics battle, election officials can help keep the process secure and avoid losing the faith of the electorate ...
Security Boulevard

Email Security Breaches Rampant Among Critical Infrastructure Organizations
A full 80% of organizations within the critical infrastructure vertical experienced email-related security breaches in the past year, according to an OPSWAT survey ...
Security Boulevard

Response to CISA Advisory (AA24-249A): Russian Military Cyber Actors Target US and Global Critical Infrastructure
Francis Guibernau | adversary emulation, cisa, Critical Infrastructure, cyberespionage, Espionage, GRU, Russia, sabotage, Unit 29155, WhisperGate
AttackIQ has released a new assessment template in response to the CISA Advisory (AA24-249A) published on September 5, 2024, that assesses cyber actors affiliated with the Russian General Staff Main Intelligence Directorate ...