#otsecurity

ICS Advisory Project AdvisoryICS@infosec.exchange
2026-01-23

ICS[AP] Dashboards are updated with the 10 CISA Advisories released on 1/22/26:

Schneider Electric: 1 New
AutomationDirect: 1 New
Rockwell Automation: 1 New
Johnson Controls Inc.: 1 New
Weintek: 1 New
Hubitat: 1 New
Delta Electronics: 1 New
EVMAPA: 1 New
Axis Communications: 1 Update
Hitachi Energy: 1 Update

www.icsadvisoryproject.com
#icssecurity
#otsecurity
#vulnerabilitymanagement

2026-01-21

Are you like other 🇺🇸 #Federal agencies concerned about budget and delaying critical #OTsecurity projects?

You can address the key first step in #OT and CPS security with comprehensive and accurate #AssetDiscovery in minutes with Claroty Edge.

🚫 New hardware
🚫 Switch upgrades

ℹ️ Learn more: claroty.com/platform/edge

Download the 'Guardians of Government, Vol. 2: Fortifying the Cyber-Physical Frontier' report: claroty.com/resources/reports/

Marco Ciappelli🎙️✨ Marcociappelli@infosec.exchange
2026-01-21

Securing the decentralized energy grid is one of the most urgent—and overlooked—cybersecurity challenges of our time.

Wind turbines, solar installations, battery storage systems: thousands of distributed assets, thousands of potential entry points, often with no technical staff on-site.

In this Brand Story, we sit down with Rafael Narezzi, Co-Founder and CEO of Cyber Energia, to explore:
→ Why asset owners are now personally liable under regulations like NIS 2.0
→ How a single cyber incident could cost a 98MW wind site $1.9 million in just one week
→ Why the industry built infrastructure at the speed of capital, not security maturity
→ How Cyber Energia translates technical risk into the financial language executives need

"A CEO before the attack is a different CEO after the attack."

🎬 Watch: youtu.be/nXulWSlwjl0

🎧 Listen: itspmagazine.simplecast.com/ep

__________________________________
This Brand Story was hosted by Sean Martin, CISSP and produced by Studio C60—strategic brand storytelling for cybersecurity and #technology companies.

🔗 studioC60.com

#Cybersecurity #OTSecurity #RenewableEnergy #CriticalInfrastructure #NIS2 #GridSecurity #EnergyTransition #CISO Paula Averley, Origin Communications

InfosecK2K InfosecK2K
2026-01-21

โš™๏ธ OT Security When Cyber Hits the Physical World
Cyber incidents can disrupt industrial operations and critical infrastructure. Protect OT with segmentation, access control, and monitoring. ๐Ÿ”’โšก

ICS Advisory Project AdvisoryICS@infosec.exchange
2026-01-21

ICS[AP] Dashboards are updated with the 6 CISA Advisories released on 1/20/26:

Schneider Electric: 2 New | 2 Updates
Rockwell Automation: 1 New
Mitsubishi Electric: 1 Update

www.icsadvisoryproject.com
#icssecurity
#otsecurity
#vulnerabilitymanagement

ICS Advisory Project AdvisoryICS@infosec.exchange
2026-01-16

ICS[AP] Dashboards are updated with the 15 CISA Advisories released on 1/15/26:

Siemens: 9 New
Schneider Electric: 1 New
Festo: 1 New
AVEVA: 1 New
Axis Communications: 1 Update
Mitsubishi Electric Iconics Digital Solutions, Mitsubishi Electric: 2 Updates

www.icsadvisoryproject.com
#icssecurity
#otsecurity
#vulnerabilitymanagement

2026-01-15

It's been a busy 24 hours in the cyber world with significant updates on recent breaches, major cybercrime infrastructure takedowns, a raft of critical vulnerabilities, and ongoing discussions around AI's impact on security and privacy. Let's dive in:

Recent Cyber Attacks and Breaches ⚠️

- South Korean conglomerate Kyowon Group has confirmed a ransomware attack that disrupted operations and led to the exfiltration of customer data, potentially impacting over 9.6 million accounts.
- In the UK, West Midlands Police are investigating a data breach at a GP surgery in Walsall, with a staff member accused of theft and released on bail.
- These incidents highlight the persistent threat of ransomware and insider threats, even for organisations with significant customer bases or sensitive data.

🤖 Bleeping Computer | bleepingcomputer.com/news/secu
🕵🏼 The Register | go.theregister.com/feed/www.th

Cybercrime-as-a-Service Disrupted: RedVDS Takedown 🚨

- Microsoft, in a coordinated international effort with Europol and German authorities, has disrupted RedVDS, a massive cybercrime-as-a-service platform.
- RedVDS offered disposable virtual Windows cloud servers for as little as $24 a month, enabling criminals to conduct mass phishing, BEC schemes, and account takeovers, leading to an estimated $40 million in US fraud losses since March 2025.
- The operation involved civil lawsuits in the US and UK, seizing malicious infrastructure and taking RedVDS's marketplace offline, revealing that its customers often leveraged AI tools like ChatGPT to craft more convincing phishing lures and impersonations.

🤖 Bleeping Computer | bleepingcomputer.com/news/secu
📰 The Hacker News | thehackernews.com/2026/01/micr
🕵🏼 The Register | go.theregister.com/feed/www.th

AI Prompt Injection Risks in Anthropic's Cowork 🧠

- PromptArmor researchers have demonstrated that Anthropic's new Cowork productivity AI is vulnerable to a Files API exfiltration attack chain, a prompt injection risk previously reported and acknowledged but not fully fixed by Anthropic for Claude Code.
- The attack allows Cowork to be tricked into transmitting sensitive files from connected local folders to an attacker's Anthropic account without additional user approval.
- Anthropic acknowledges prompt injection as an industry-wide issue and advises users to avoid connecting Cowork to sensitive documents, limit its Chrome extension to trusted sites, and monitor for suspicious actions, placing the onus on users to manage this complex risk.

๐Ÿ•ต๐Ÿผ The Register | go.theregister.com/feed/www.th

Critical Vulnerabilities and Active Exploitation ๐Ÿ›ก๏ธ

- **Modular DS WordPress Plugin:** A maximum severity flaw (CVE-2026-23550) in Modular DS (versions 2.5.1 and older), used by over 40,000 WordPress sites, is being actively exploited to bypass authentication and gain admin-level privileges. Users should update to version 2.5.2 immediately.
- **AWS CodeBuild Misconfiguration:** A critical misconfiguration (dubbed CodeBreach) in AWS CodeBuild's webhook filters allowed researchers to take over AWS's own GitHub repositories, including the JavaScript SDK, by bypassing ACTOR_ID filters due to unanchored regex patterns. AWS has since fixed the issue, confirming no customer impact.
- **Google Fast Pair Protocol:** A critical vulnerability (CVE-2025-36911, WhisperPair) in Google's Fast Pair protocol affects hundreds of millions of Bluetooth audio devices, allowing unauthenticated attackers to forcibly pair, track users via Google's Find Hub, and eavesdrop on conversations. Firmware updates from manufacturers are the only defence.
- **Palo Alto Networks PAN-OS DoS:** Palo Alto Networks patched a high-severity DoS vulnerability (CVE-2026-0227) affecting PAN-OS 10.1+ and Prisma Access when GlobalProtect is enabled, allowing unauthenticated attackers to disable firewall protections. While not actively exploited yet, immediate patching is advised given past active exploitation of similar flaws.
- **Delta Industrial PLCs:** Researchers found three critical (CVSS 9.1-9.8) and one high-severity vulnerability in Delta Electronics DVP-12SE11T PLCs, popular in Asian industrial sites, which could allow authentication bypass, password information leakage, or device freezing. Patching is crucial, though challenging in OT environments.

🤖 Bleeping Computer | bleepingcomputer.com/news/secu
📰 The Hacker News | thehackernews.com/2026/01/aws-
🕵🏼 The Register | go.theregister.com/feed/www.th
🤖 Bleeping Computer | bleepingcomputer.com/news/secu
🤖 Bleeping Computer | bleepingcomputer.com/news/secu
💡 Dark Reading | darkreading.com/ics-ot-securit

Threat Landscape Commentary 📊

- **Oceania's Shifting Targets:** New data from Cyble indicates a shift in attacker focus in Australia and New Zealand from critical infrastructure to non-critical sectors like retail, professional services, and construction, driven by the efficiency of targeting less secure, data-rich environments. Initial access brokers and major ransomware groups like INC, Qilin, Lynx, Akira, and Dragonforce are capitalising on these softer targets.
- **AI Normalises Foreign Influence:** A report from the Foundation for Defense of Democracies highlights how AI, particularly LLMs, inadvertently normalises foreign propaganda by prioritising readily available state-aligned media in citations, as credible independent news sources are often behind paywalls or block AI scraping. This creates a structural issue where users seeking unbiased information are directed towards state-controlled narratives.
- **Vulnerability Reporting Surge:** 2025 saw a record 48,177 CVEs assigned, marking the ninth consecutive year of increase. This surge is attributed more to a healthier, expanding vulnerability reporting ecosystem (especially from WordPress security firms and the Linux Kernel CNA) and the use of LLMs by novice researchers, rather than a direct increase in cyber risk. However, data quality issues in the NVD persist, complicating patching efforts.

💡 Dark Reading | darkreading.com/cybersecurity-
🤫 CyberScoop | cyberscoop.com/the-quiet-way-a
💡 Dark Reading | darkreading.com/cybersecurity-

Data Privacy and Regulatory Action 🔒

- **GM Banned from Selling Driver Data:** The US Federal Trade Commission (FTC) has finalised an order banning General Motors (GM) and its subsidiary OnStar from selling drivers' precise location and driving behaviour data to consumer reporting agencies for five years. This follows allegations that GM collected data without consent via its "Smart Driver" feature, leading to higher insurance rates.
- **Google Settles Children's Privacy Lawsuit:** Google has agreed to pay $8.25 million to settle a class-action lawsuit alleging it illegally collected data from children under 13 via Android Play Store apps using its AdMob SDK, despite developers pledging COPPA compliance. This follows a separate $30 million settlement regarding YouTube's collection of children's data.

🤖 Bleeping Computer | bleepingcomputer.com/news/secu
🕵🏼 The Register | go.theregister.com/feed/www.th
🗞️ The Record | therecord.media/google-youtube

Regulatory Scrutiny on X and AI Content ⚖️

- Ofcom, the UK communications regulator, is continuing its formal investigation into X (formerly Twitter) despite the platform's announcement that it has implemented measures to block its AI chatbot, Grok, from generating non-consensual sexualised images of people.
- X's changes include technological blocks on "nudifying" images and geoblocking the creation of images of real people in revealing clothing in jurisdictions where it's illegal, applying to all users, including paid subscribers, after initial attempts to limit it to paid users drew strong criticism.
- California's Attorney General has also opened an investigation into X over the issue, highlighting growing international pressure on AI platforms to address the creation and dissemination of non-consensual intimate images.

๐Ÿ•ต๐Ÿผ The Register | go.theregister.com/feed/www.th
๐Ÿ—ž๏ธ The Record | therecord.media/musk-x-grok-bl

Government Cyber Strategy and Leadership ๐Ÿ›๏ธ

- **Germany-Israel Cyber Cooperation:** Germany and Israel have signed a cyber and security cooperation agreement to counter cyber threats and bolster critical infrastructure protection. Germany aims to build its own "cyber dome" based on Israel's semi-automated real-time cyber defence system, exchanging expertise and jointly developing new tools.
- **NSA/Cyber Command Nominee:** Army Lt. Gen. Joshua Rudd, the Trump administration's nominee to lead both US Cyber Command and the National Security Agency, defended his record during a Senate hearing, addressing concerns about his lack of direct digital warfare and intelligence experience by emphasising his leadership background and reliance on the organisations' talent.

๐Ÿ—ž๏ธ The Record | therecord.media/germany-cyber-
๐Ÿ—ž๏ธ The Record | therecord.media/nsa-cyber-comm

#CyberSecurity #ThreatIntelligence #Ransomware #Vulnerabilities #ZeroDay #SupplyChainAttack #AI #PromptInjection #DataPrivacy #RegulatoryCompliance #Cybercrime #InfoSec #IncidentResponse #OTSecurity #ICS

AllAboutSecurity allaboutsecurity
2026-01-15

Understanding attack phases: the cyber kill chain in enterprise IT and industrial plants

Cyberattacks follow a recognizable pattern that can be systematically divided into phases. The established kill chain model gives security leaders a framework for analysis and defense.

all-about-security.de/angriffs

USBManager fuyuan2005
2026-01-15

โš™๏ธ The Future of USB over IP in Industrial Automation Systems
USBManager Server enhances industrial automation by enabling remote access to PLCs, MES, and SCADA systems. As industrial networks shift to IP-based solutions, USB over IP ensures seamless integration while supporting OT security protocols to protect critical infrastructure from cyber threats.
Learn more ๐Ÿ‘‰ usbmanager.net/the-future-of-u

USB over IP
2026-01-14

It's been a busy 24 hours in the cyber world with a flurry of significant data breaches, critical vulnerabilities (including an actively exploited zero-day), and some fascinating new threat intelligence on malware and attack techniques. Let's dive in:

Recent Cyber Attacks and Breaches 🚨

- Multiple organisations have reported data breaches, affecting millions of individuals. Monroe University disclosed a 2024 breach impacting over 320,000 people, exposing personal, financial, and health data. Spanish energy giant Endesa is investigating claims of a 1.05 TB data theft affecting 20 million customers.
- Australia's Victorian Department of Education reset student passwords after an attack exposed names, school details, and encrypted passwords, while cloud marketplace Pax8 accidentally exposed internal business and Microsoft licensing data for 1,800 MSP partners.
- Eurail confirmed a breach exposing passport numbers, bank details, and even photocopies of IDs for some DiscoverEU travellers. In Belgium, AZ Monica hospitals were hit by a cyberattack, forcing surgery cancellations and the transfer of critical patients, likely due to ransomware. Poland also thwarted a major cyberattack on its power grid, attributing it to Russia.
- Ukraine's Defense Forces were targeted in a charity-themed campaign by the Russian 'Void Blizzard' (aka 'Laundry Bear') group, delivering the PluggyApe backdoor via malicious PIF files in instant messages.

🤖 Bleeping Computer | bleepingcomputer.com/news/secu
🕵🏼 The Register | go.theregister.com/feed/www.th
🤖 Bleeping Computer | bleepingcomputer.com/news/secu
🤖 Bleeping Computer | bleepingcomputer.com/news/secu
🕵🏼 The Register | go.theregister.com/feed/www.th
🕵🏼 The Register | go.theregister.com/feed/www.th
🗞️ The Record | therecord.media/belgium-hospit
🗞️ The Record | therecord.media/poland-cyberat
🤖 Bleeping Computer | bleepingcomputer.com/news/secu

New Threat Research and Tradecraft 🛡️

- North Korea's IT worker scheme and cryptocurrency heists continue to fund its weapons program, impacting over 40 countries. The U.S. urged UN member states to take tougher action, highlighting the sophisticated identity theft and remote work fraud used by these actors.
- A new, advanced cloud-native Linux malware framework, VoidLink, has been discovered. Written in Zig, Go, and C, it features custom loaders, implants, rootkits, and over 30 plugins designed for modern cloud environments (Kubernetes, Docker, AWS, GCP, Azure), with sophisticated anti-analysis and anti-forensics capabilities.
- Researchers identified a "Reprompt" attack method that could hijack Microsoft Copilot sessions, allowing attackers to exfiltrate sensitive data via hidden malicious prompts in URLs. This leverages parameter-to-prompt injection, double-request, and chain-request techniques to bypass safeguards.
- The DeadLock ransomware gang is using Polygon smart contracts to hide their command-and-control (C2) infrastructure, making it difficult for defenders to block their operations. This novel technique allows for frequent rotation of proxy server URLs, a method also observed with North Korean state-sponsored attackers.
- Microsoft, in collaboration with international law enforcement, disrupted RedVDS, a fast-growing cybercrime-as-a-service marketplace. RedVDS facilitated over $40 million in fraud, providing cybercriminals with disposable virtual computers for phishing, business email compromise, and real estate scams.
- Predator spyware operators are using sophisticated anti-analysis techniques, including an error code system (e.g., "error code 304" for security tools detected) to diagnose failed infections and evade researchers. It also suppresses crash logs and can detect network monitoring by privacy-conscious users.
- The Kimwolf botnet, a splinter of the Aisuru DDoS botnet, has rapidly grown to over 2 million infected unofficial Android TV devices. Its operators abuse residential proxy networks for local control, primarily targeting Minecraft servers with short, high-volume DDoS attacks.

๐Ÿ—ž๏ธ The Record | therecord.media/40-countries-i
๐Ÿค– Bleeping Computer | bleepingcomputer.com/news/secu
๐Ÿ•ต๐Ÿผ The Register | go.theregister.com/feed/www.th
๐Ÿค– Bleeping Computer | bleepingcomputer.com/news/secu
๐Ÿ•ต๐Ÿผ The Register | go.theregister.com/feed/www.th
๐Ÿคซ CyberScoop | cyberscoop.com/microsoft-seize
๐Ÿ—ž๏ธ The Record | therecord.media/microsoft-redv
๐Ÿคซ CyberScoop | cyberscoop.com/predator-spywar
๐Ÿคซ CyberScoop | cyberscoop.com/kimwolf-aisuru-

Vulnerabilities and Exploitation โš ๏ธ

- Microsoft's January Patch Tuesday addressed 112 vulnerabilities, including one actively exploited information disclosure zero-day (CVE-2026-20805) in Desktop Window Manager. This medium-severity flaw (CVSS 5.5) can leak memory addresses, potentially aiding privilege escalation or arbitrary code execution, and CISA has added it to its Known Exploited Vulnerabilities catalog.
- Vulnerabilities in popular AI/ML Python libraries (NeMo, Uni2TS, FlexTok) used in Hugging Face models allow remote attackers to hide and execute malicious code in metadata. These RCE flaws, tracked by CVEs, stem from improper use of Hydra's instantiate() function, affecting models with millions of downloads.
- A "most severe AI-driven vulnerability to date" in ServiceNow's Virtual Agent chatbot allowed arbitrary attackers to gain full platform control. Authentication issues (universal credential, email-only user impersonation) combined with agentic AI capabilities enabled admin account creation and lateral movement to connected systems.
- A critical Node.js vulnerability (CVE-2025-59466, CVSS 7.5) can cause server crashes via async_hooks stack overflow, leading to denial-of-service. This impacts numerous frameworks and APM tools like React Server Components, Next.js, and Datadog, as Node.js exits instead of gracefully handling the exception.
- Exploit code has been publicly released for a critical FortiSIEM command injection flaw (CVE-2025-25256), allowing unauthenticated remote attackers to execute commands or code. The vulnerability, a combination of arbitrary write with admin permissions and privilege escalation to root, affects versions 6.7 to 7.5.

🤫 CyberScoop | cyberscoop.com/microsoft-patch
🕵🏼 The Register | go.theregister.com/feed/www.th
🗞️ The Record | therecord.media/desktop-window
🕵🏼 The Register | go.theregister.com/feed/www.th
🚨 Dark Reading | darkreading.com/remote-workfor
📰 The Hacker News | thehackernews.com/2026/01/crit
🤖 Bleeping Computer | bleepingcomputer.com/news/secu

Threat Landscape Commentary

- Taiwan is experiencing a significant increase in cyber pressure from China, with an average of 2.63 million attacks daily in 2025, a 6% rise from the previous year. Energy infrastructure saw a tenfold increase, and emergency/hospital systems a 54% jump, indicating a deliberate attempt to disrupt critical infrastructure during both peacetime and potential conflict.
- Western cyber agencies, including the NCSC, CISA, and FBI, have issued new guidance warning about growing digital threats to industrial operational technology (OT). With OT systems increasingly connected, they present a larger attack surface for ransomware gangs and state-backed hackers, necessitating strong authentication, network segmentation, and minimised remote access.

🚨 Dark Reading | darkreading.com/cyber-risk/tai
🗞️ The Record | therecord.media/cyber-agencies

Data Privacy 🔒

- California's Attorney General has launched an investigation into xAI's Grok AI tool over allegations it's being used to create nonconsensual sexually explicit deepfakes of women and children. This follows similar probes by the UK's Ofcom and the Paris Prosecutor's Office, highlighting growing regulatory concern over AI-generated content.
- The California Privacy Protection Agency (CPPA) Board has appointed Nicole Ozer, a privacy and surveillance expert and former ACLU leader, as a new member. This appointment is expected to significantly influence the agency's data privacy policy decisions.

๐Ÿ—ž๏ธ The Record | therecord.media/california-gro
๐Ÿคซ CyberScoop | cyberscoop.com/california-ag-i
๐Ÿ—ž๏ธ The Record | therecord.media/ccpa-appoints-

Regulatory Issues and Changes โš–๏ธ

- France's data protection regulator, CNIL, has fined telecom companies Free and Free Mobile a collective €42 million ($48.9 million) for GDPR violations stemming from an October 2024 data breach that compromised over 24 million customer records, including IBANs. The fines were due to inadequate security measures (weak VPN authentication, ineffective detection), insufficient breach notification, and excessive data retention.

๐Ÿ•ต๐Ÿผ The Register | go.theregister.com/feed/www.th
๐Ÿ—ž๏ธ The Record | therecord.media/france-data-re
๐Ÿค– Bleeping Computer | bleepingcomputer.com/news/secu

Government Staffing and Program Changes ๐Ÿ›๏ธ

- Alex Fitzsimmons, acting director of the Department of Energy’s Office of Cybersecurity, Energy and Emergency Response (CESER), endorsed new cybersecurity bills for the energy sector and highlighted a new AI-driven cyber defence program, AI-FORTS. This comes amidst Democratic concerns over thousands of job cuts at the Department of Energy impacting cybersecurity and reliability.
- Sean Plankey has been re-nominated by President Trump to lead the Cybersecurity and Infrastructure Security Agency (CISA). His previous nomination stalled in the Senate last year due to holds from Senators over unrelated issues.

🤫 CyberScoop | cyberscoop.com/ceser-chief-tou
🤫 CyberScoop | cyberscoop.com/sean-plankey-re

Everything Else 💡

- Anthropic, an AI upstart, has invested $1.5 million in the Python Software Foundation (PSF) to enhance security in the Python ecosystem, specifically CPython and the Python Package Index (PyPI). This aims to protect millions of PyPI users from supply-chain attacks and could benefit other open-source package repositories.
- Microsoft has resolved a known issue where security applications were incorrectly flagging a core Windows component, WinSqlite3.dll, as vulnerable to a memory corruption flaw (CVE-2025-6965). The update addresses these false positive detections across various Windows client and server platforms.

๐Ÿ•ต๐Ÿผ The Register | go.theregister.com/feed/www.th
๐Ÿค– Bleeping Computer | bleepingcomputer.com/news/micr

#CyberSecurity #ThreatIntelligence #DataBreach #Ransomware #Vulnerability #ZeroDay #APT #Malware #AI #CloudSecurity #OTSecurity #GDPR #InfoSec #PatchTuesday #IncidentResponse

ICS Advisory Project AdvisoryICS@infosec.exchange
2026-01-14

ICS[AP] Dashboards are updated with the Four CISA Advisories released on 1/13/26:

Rockwell Automation: 2 New
YoSmart: 1 New
Guralp Systems: 1 Update

www.icsadvisoryproject.com
#icssecurity
#otsecurity
#vulnerabilitymanagement

2026-01-13

We partnered with MeriTalk to uncover how #federal agencies are strengthening cyber-physical systems security, addressing gaps, and advancing mission resilience across critical infrastructure environments.

📄 Download the report: claroty.com/resources/reports/

#FederalCyber #CPS #OTSecurity #CriticalInfrastructure #Claroty #MeriTalk

2026-01-13

Most OT disruptions don’t start in OT systems.

Almog Apirion, CEO & Co-Founder of Cyolo, explains how identity and access gaps in IT environments are forcing OT systems offline — even without destructive malware.

Full interview:
technadu.com/where-many-ot-dis

#OTSecurity #ZeroTrust #IdentityAccess #CriticalInfrastructure

Where Many OT Disruptions Begin: Gaps in IT Access and Identity Controls
2026-01-13

#1 OT/ICS CYBERSECURITY TRAINING AND DCS TRAINING IN DELHI NCR AND IN INDIA

Visit - www.theevolvedge.com
mail - info@theevolvedge.com
phone no- +917982403420
+919311805027

2026-01-10

Cyber risk exposure within water and wastewater systems continues to evolve.

Operational technology environments, aging infrastructure, and fragmented utility ownership increase the challenge of implementing consistent cybersecurity controls. Recent advisories have highlighted common weaknesses such as exposed interfaces and limited access controls.

Even without mandatory regulation, foundational practices - patching, access management, incident response planning, and OT segmentation - remain effective risk reducers.

What practical cybersecurity measures have you seen work in resource-constrained environments?

Engage in the discussion and follow @technadu for objective infosec reporting.

Source: fticonsulting.com/insights/art

#InfoSec #OTSecurity #CriticalInfrastructure #CyberRisk #WaterSystems #CyberResilience #TechNadu

Understanding the Cyber Risks Flooding the Water and Wastewater Systems Sector
2026-01-09

🎥 Watch the video recording of the talk: “Operational Twilight: APTs, OT, and the geopolitics of a dying climate.” from Adversary Village at @defcon 33 Creator Stage, delivered by Cybelle O., Cyber Threat Intelligence Researcher at Malwarelandia.
youtu.be/Ekp5iMPEgVw?si=lZMd2Z

#AdversaryVillage #DEFCON33 #AccessEverywhere #APTs #OTSecurity #ThreatIntelligence #AdversaryTradecraft

ICS Advisory Project AdvisoryICS@infosec.exchange
2026-01-09

ICS[AP] Dashboards are updated with the Six CISA Advisories released on 1/8/26:

Hitachi Energy: 1 New
Mitsubishi Electric Iconics Digital Solutions, Mitsubishi Electric: 5 Updates

www.icsadvisoryproject.com
#icssecurity
#otsecurity
#vulnerabilitymanagement

SpaceCoastSec spacecoastsec
2026-01-09

🚀📡 Join SpaceCoastSec virtually Fri, Jan 16 • 7:00 PM EST for “Ignition Under Fire” w/ Paul Coggin and DCG256 — rocket propulsion cyber attack vectors + Zero Trust. RSVP: meetup.com/spacecoastsec/event 📡🚀

2026-01-07

CISA has disclosed multiple vulnerabilities affecting Columbia Weather Systems MicroServer firmware used in IT and control system environments.

While no active exploitation is currently known, potential impacts include redirected communications, administrative access, and limited shell exposure. CISA recommends minimizing network exposure and applying defense-in-depth strategies.

Another reminder that embedded systems require the same rigor as enterprise infrastructure.

Source: cisa.gov/news-events/ics-advis

Follow TechNadu for objective infosec updates.

#Infosec #ICS #OTsecurity #CriticalInfrastructure #CISA #Vulnerabilities

Columbia Weather Systems MicroServer
ICS Advisory Project AdvisoryICS@infosec.exchange
2026-01-07

ICS[AP] Dashboards are updated with the One New CISA Advisory released on 1/6/26:

Columbia Weather Systems: 1 New

www.icsadvisoryproject.com
#icssecurity
#otsecurity
#vulnerabilitymanagement
