ZDI announced the Pwn2Own Miami ICS targets that will be under attack at S4x23. Various popular OPC UA stacks, Kepware, and a Softing edge connector to Siemens is what I'll be watching. They awarded $400K for 26 unique 0days at this years Pwn2Own Miami. Get on it crack researchers and make some money.
My article this week analyzes Moody's Cyber Risk Heat Map. They have electric/pipeline/water/wastewater at Very High Cyber Risk as a contribution to Credit Risk. Using their methodology, Moderate is the right qualitative value, imo.
US TSA is requesting comment on a long list of cybersecurity regulation questions for pipelines & rail, pages 31-46. One question is on the use of 3rd party assessors.
It appears that Bedrock Automation is no more. Their PLC hardware was impressive (Albert was most excited talking about the power supply). Focus on open systems was noble and probably doomed. Better security was a hard sell for me when it was running CODESYS. Best of luck to the dispersing team.
Asset inventory & vulnerability management tailor-made for power grid OT: With built-in OT knowledge, ease of importing engineering files, and visualizations that are close to plant structure, OMICRON's IDS solution ensures understanding between OT engineers and IT officers.
Cyber-Attack Recovery in only 30 Seconds! Salvador Technologies provides solutions for operational continuity for ICS & OT systems, that minimize downtime and enable an ideal RTO for critical assets. For HMI, SCADA, BMS, and other critical computer systems based on Windows.
Forwarded This Email and Want To Get It Every Friday?