UPDATE: Industroyer2 and Pipedream ICS/SCADA Malware: DOE, CISA, NSA, and the FBI Release Joint Cybersecurity Advisory
California ISO hits all-time peak of more than 97% renewables
April 18, 2022Critical VMware Cloud Director Bug Could Let Hackers Takeover Entire Cloud Infrastructure
April 18, 2022
Summary:
Industrial control systems (ICS) and supervisory control and data acquisition (SCADA) device vulnerabilities are, arguably, the threat surfaces that are of the utmost concern to cyber and homeland security professionals. If ICS/SCADA devices are mission-critical to your organization, the Joint Cybersecurity Advisory (CSA) released by multiple U.S. agencies is a must-read. A unique element of this CSA is the direct contribution made by the private sector to the research included in the advisory: “This is the most expansive industrial control system attack tool that anyone has ever documented,” says Sergio Caltagirone, the vice president of threat intelligence at industrial-focused cybersecurity firm Dragos, which contributed research to the advisory and published its own report about the malware. Researchers at Mandiant, Palo Alto Networks, Microsoft, and Schneider Electric also contributed to the advisory. “’It’s like a Swiss Army knife with a huge number of pieces to it.’”
Additional Discussion:
Dragos has issued their own report and it can be used in concert with the DOE, CISA, NSA, and the FBI Released Joint Cybersecurity Advisory.
Joint_Cybersecurity Advisory_APT Cyber Tools Targeting ICS_SCADA Devices_4-14-22_UPDATE
Joint_Cybersecurity Advisory_APT Cyber Tools Targeting ICS_SCADA Devices_4-14-22_UPDATE- Dragos_ChernoviteWP_v2b
