The #Trump administration’s #overhaul of the #federalgovernment has #weakened public-private partnerships protecting #criticalinfrastructure from #cyberattacks. https://www.cybersecuritydive.com/news/critical-infrastructure-cybersecurity-partnerships-disruption-trump-government-industry/751589/?eicker.news #tech #media #news

Fuel moves the world: from airplanes to cars, gas pipelines determine the wealth of a country and its negotiating power. The Colonial Pipeline Ransomware Attack was one of the most dramatic attacks to the critical infrastructure of a country, so much so that the company did pay the ransom to the attackers. Here's how it happened and why.

https://negativepid.blog/the-colonial-pipeline-ransomware-attack/

#ransomware #criticalInfrastructure #cyberattacks #colonialPipeline

UK signs up to NATO’s 5 percent defense spending target – POLITICO

He previously vowed to spend 2.6 percent of the country’s economic output on defense by 2027-2028 by slashing…
#UnitedKingdom #UK #Europe #EU #Budget #China #criticalinfrastructure #défense #Energy #energysecurity #GreatBritain #intelligence #investment #Iran #keirstarmer #NATOsummit #parliament #resilience #security #UnitedStates
https://www.europesays.com/2188735/

Boldly executed military attacks have demonstrated significant weaknesses in even the most formidable nations – forcing aggressive states to rapidly reassess their strategies for power projection. With traditional military capabilities proving insufficient against nimble adversaries, the appeal of cyber offensive operations as an asymmetric tool is stronger than ever.

I explore how the shifting warfare in the Ukraine-Russia and Israel-Iran wars are driving global powers to look towards increasing respective offensive cyber capabilities. This poses new challenges and opportunities for cybersecurity professionals. Discover what it means for the future of cybersecurity and global cyber defense.

#Cybersecurity #CyberWarfare #NationStateThreats #InfoSec #Geopolitics #Technology #CriticalInfrastructure

Video: https://www.youtube.com/watch?v=IDPR9UdioII

Full Article: https://open.substack.com/pub/matthewrosenquist/p/successful-military-attacks-are-driving

@lmemsm basically the Idea behind it is to be a brutally simple #toybox + #musl / #linux distro that grew out of the necessity for me to actually think about #firmware for some projects.

• And lets just say I did saw @w84death 's #Floppynux and @landley did present a lot of convincing arguments alongside a literal walktrough to get started.

Basically I want something that is so simple and auditable that it's practical to make it pass any #verification demands for #SecureTerminal|s in #CriticalInfrastructure and #Communications.

• OFC one may point at my other projects and say: "Why don't you just put #RaspberryPiOS on a #microSD?" ignoring that the smallest image is >330MB in size and that seems kinda overkill for essentially my demands for a minimalist #Linux with very few programs in userspace.

Not to mention a #GNUfree - #Linux distro is the way to go if I want that thing to not get bricked constantly by minor #GlibC-changes...

• End goal is something akin to #MSDOS in it's brutal simplicity, but way more extendable.

I hope that answers your question...

• Sorry for the delay.

🔐 Practical Industrial Security: Real-World Lessons from Complex HVDC Projects

We’re excited to announce that our colleague Jan Grotelüschen (GAI NetConsult GmbH) will be speaking at the Industrial Security Conference 2025 in Copenhagen, alongside Simon Gustafson (Amprion GmbH) and co-author Stephan Beirer (GAI NetConsult GmbH).

🎤 Topic of the presentation:
Staying on course in a volatile environment: OT security in complex large-scale HVDC projects – a real-life example

https://insightevents.dk/isc-cph/sessions/staying-on-course-in-a-volatile-environment-ot-security-in-complex-large-scale-hvdc-projects-a-real-life-example/

⚡ At a glance:

Amprion is currently implementing massive offshore grid connection projects such as BorWin4/DolWin4 and BalWin1/BalWin2. These high-voltage direct current (HVDC) lines span up to 380 km and deliver 5.8 GW of power per project – enough to supply electricity to nearly 6 million people.
In this presentation, the speakers, who are largely responsible for the specification and monitoring of the implementation of OT security for this HVDC project, will present the projects itself and report on the cyber security challenges and lessons learnt.

🔍 Key OT Security Challenges Covered:
• Dynamic regulation: Adapting to evolving frameworks like NIS-2, RCE, CRA – even mid-project
• Technology vs. longevity: IT/OT convergence meets decades-long system life cycles
• Managing uncertainty: Constant change in technologies, requirements, and stakeholders

📌 This session provides real-world insights into securing critical infrastructure under real conditions – including what worked, what didn’t, and how lessons learned are shaping better security strategies.

🔗 More about the industrial security conference: https://www.linkedin.com/company/industrial-security-conference-cph/posts/?feedView=all

#OTSecurity #CriticalInfrastructure #HVDC #CyberSecurity #EnergyTransition #ICSCPH #GAINetConsult #Amprion #NIS2 #CRA #IndustrialSecurity

When are #ICEProtests ‘illegal’ in #Texas? Here’s what state and federal laws say

By Tiffani Jackson Updated June 12, 2025

Excerpt: "What are your rights to protest on public or private property? Your rights are strongest in “traditional public forums,” like parks, sidewalks and streets, according to the American Civil Liberties Union. While you generally have the freedom to express yourself on other public land, like plazas outside government buildings, it’s important that your actions don’t block access or interfere with the building’s intended function.

"On private property, the owner has the right to impose restrictions on speech. However, the government cannot limit your speech if you’re on your own property or have permission from the owner. It’s also important to remember that counter-protesters have the same rights to free expression, and police must treat both protesters and counter-protesters equally.

"Is it legal to take photos or video protests, police or government buildings? You are legally allowed to photograph anything in plain view, including government buildings and law enforcement officers, when you’re in a public area.

"On private property, however, the property owner may have their own rules about photography or video recording.

"What is an ‘illegal protest’? Protesting is a fundamental right protected by the First Amendment, but not every demonstration is automatically legal. According to the Freedom Forum, a nonpartisan foundation dedicated to preserving the First Amendment, the following actions can cross the line and turn a peaceful protest into one that could get you arrested:

- Violence or destruction of property – If a protest turns violent, involves #vandalism, or causes harm to people or property, it’s no longer protected under #FreeSpeech laws.

- Trespassing on private property – Protests are generally allowed in public spaces, like sidewalks and parks. But if demonstrators enter private property without permission, they could face trespassing charges.

- Blocking roads or public services – #Marching in the street without a permit or blocking traffic can make a protest illegal. Many cities require permits for demonstrations, especially those that could disrupt public order.

" 'It can’t be about the content of the speech, because content and viewpoint are protected by the #First =Amendment,' TCU media law professor and First Amendment expert Daxton “Chip” Stewart said. 'It has to be about something else. A protest that #BlocksTraffic, for example, or that arises to violence.' Texas laws about protesting

"According to the Texas Law Library, there are specific restrictions on where protests cannot take place.

"For example, it’s illegal to protest within 1,000 feet of a funeral service from three hours before to three hours after the event, as this could disrupt the service. Likewise, protests at #CriticalInfrastructure sites, like oil pipelines or #construction areas, are heavily regulated, with severe penalties for trespassing or disrupting these facilities.

"Additionally, blocking #highways, #sidewalks or any passageways that are accessible to the public — especially emergency routes—is prohibited, and doing so can lead to felony charges.

"#Protests that turn disorderly or disrupt lawful meetings also fall under legal restrictions. Finally, any actions that involve violence or #loud, disruptive noise are subject to criminal penalties.

"What are your rights if you protest on college campus? In 2019, Texas passed a law that made all common outdoor spaces on public university campuses 'traditional public forums.'

"This means that anyone — whether you’re a student, staff member, or just someone from the community — can express themselves, whether that’s through protests or other demonstrations, as long as it’s lawful and doesn’t seriously disrupt the university’s operations."

Read more:
https://www.star-telegram.com/news/local/fort-worth/article308416530.html

#TexasResists #NoKingsEvents
#NonViolentProtests #ProtestLaws #Project2025 #Authoritarianism #AntiProtestLaws #TrafficInterference

Relying on dual-homed devices to separate your networks? You might be opening the door to attackers without realising it. 🖥️
 
During a recent OT and ICS assessment, what looked like strong segmentation on paper actually created hidden pathways across their networks.
 
We found that dual-homed devices, combined with outdated firmware, default passwords, and exposed services, allowed bridging between different networks (often of varying trust levels).
 
This is a reminder that dual-homed devices are not a safe shortcut for proper network design.
 
You can read the full breakdown here: https://www.pentestpartners.com/security-blog/fully-segregated-networks-your-dual-homed-devices-might-disagree/
 
#CyberSecurity #OTSecurity #ICS #CriticalInfrastructure #NetworkSecurity #NetworkSegregation 

I'm not sure if you all read the news about the rogue communication devices found in Chinese solar power inverters?

If not here is a short recap of the Reuters article from 2025-05-14:

Two anonymous U.S experts stated that they found "rogue" communication devices that were not listed in product documents in some Chinese solar inverters.
They also claimed that similar undocumented communication devices, including cellular radios, have also been found previously in some batteries from Chinese suppliers.

These communication devices could be used to bypass firewalls and switch off inverters remotely, or change their settings, could destabilize power grids, damage energy infrastructure, and trigger widespread blackouts. In the end the devices could be used to physically destroy the grid.

The whole article is here:
https://www.reuters.com/sustainability/climate-energy/ghost-machine-rogue-communication-devices-found-chinese-inverters-2025-05-14/

While Reuters stayed vague enough to not be wrong, other news outlets were quick to postulate that a Chinese “kill switches” had been found hidden in American solar farms.

While I don't doubt the theoretical possibility of the envisioned attack, the story still feels off to me!

The story just contains too few details. Reading it carefully it just states that undocumented components or undocumented communication devices were found. The "rogue" part is an interpretation. The theoretical consequences are valid nevertheless.

It remind me a lot of the story of spy chips on server boards (2018), which The Register described as a "mishmash of disparate and inaccurate allegations" .
https://www.theregister.com/2021/02/12/supermicro_bloomberg_spying/

What do you think?

#Cybesecurity #CriticalInfrastructure

Universities depend on digital infrastructure they do not control. What if we built something different?

My latest blog post explores open source tools, federated platforms, and community ownership in reimagining the digital university.

Read here:
https://www.e-learning-rules.com/blog/0032_critical_infrastructure_reimagining_the_digital_university.html

#DigitalPedagogy #OpenSource #EdTech #PlatformPolitics #HigherEd #CriticalInfrastructure

How Putin would try to flatten Britain in WW3 – revealed by the MOD: Swarms of drones, missile blitzes, ports bombarded, oil rigs and satellites sabotaged and waves of cyber attacks: https://newscats.org/how-putin-would-try-to-flatten-britain-in-ww3-revealed-by-the-mod-swarms-of-drones-missile-blitzes-ports-bombarded-oil-rigs-and-satellites-sabotaged-and-waves-of-cyber-attacks

#CriticalInfrastructure, #CyberWarfare, #DigitalDefence, #Disinformation, #DroneWar, #HybridThreats, #MissileDefence, #MOD, #ModernWarfare, #NationalSecurity, #NATO, #Putin, #ResilienceNow, #SecurityPolicy, #StrategicReview, #UKDefence, #UKPolitics, #UKSecurityThreats, #WW3, Britain

Treat #SocialHousing as #CriticalInfrastructure to unlock billions, says Peabody boss | Social housing | The Guardian

https://www.theguardian.com/society/2025/may/31/treat-social-housing-as-critical-infrastructure-to-unlock-billions-says-peabody-boss

#UK #Politics #Housing #Infrastructure

DeepSec 2025 Press Release: High threat level for IT security research. IT security is under attack from politics and hostility towards science.

Information technology is an integral part of computer science and t

https://blog.deepsec.net/deepsec-2025-press-release-high-threat-level-for-it-security-research-it-security-is-under-attack-from-politics-and-hostility-towards-science/

#Conference #CriticalInfrastructure #DeepSec2025 #ForbiddenKnowledge #ITSecurity #Politics #PressRelease

@bonkers @nixCraft +1

Because noone in their right mind will shove #VibeCode|d #AIslop into #CriticalInfrastructure!

• I'd rather expect @OS1337 to be used in some sensitive setups because it's simple and auditable and thus may be permitted as an emergency/recovery boot solution to 'reimage' a system with a factory system image...

Chinese hackers exploited a zero-day in Cityworks, putting US local government systems – from water to energy – at risk. How deep does this breach go for our everyday services?

https://thedefendopsdiaries.com/chinese-hackers-exploit-cityworks-zero-day-vulnerability-in-us-local-governments/

#cybersecurity
#zeroday
#cityworks
#chinesehackers
#criticalinfrastructure

Explore how the aerospace and defense sectors are fortifying themselves against evolving cyber threats. In this episode, we break down the critical role of cybersecurity, regulatory compliance, and the technologies keeping high-stakes operations secure.

#CybersecurityPodcast #AerospaceSecurity #DefenseTech #ComplianceMatters #InfoSec #CriticalInfrastructure #CyberDefense

https://music.amazon.com/podcasts/e9ec3287-f883-486f-b92c-87647caa4336/episodes/66fa472f-4240-48de-ac91-52897fa59d78/techdaily-ai-locked-down-cybersecurity-compliance-in-aerospace-and-defense