network segmentation

Legacy applications may be the backbone of many enterprises, even if they’re running on outdated Windows systems. As businesses rely on these time-tested but vulnerable setups, IT professionals must devise strategies to secure them without compromising the functionality that keeps day-to-day...

Hitachi Energy Relion ICS Vulnerability: A Wake-Up Call for Industrial Security A critical vulnerability has emerged in Hitachi Energy’s Relion 670/650/SAM600-IO series, shaking confidence in some industrial control systems (ICS) used worldwide. While Windows users may not directly operate these...

On February 20, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) issued eight new advisories aimed at Industrial Control Systems (ICS). These advisories shine a spotlight on security issues, vulnerabilities, and exploits affecting critical systems deployed in a myriad of...

In today’s ever-evolving cybersecurity landscape, vigilance remains paramount—even for industrial control systems. A recent advisory has sounded the alarm on a vulnerability affecting Siemens SIMATIC IPC DiagBase and SIMATIC IPC DiagMonitor devices. Although primarily deployed in the realm of...

Original release date: May 11, 2021 Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. The Cybersecurity and Infrastructure Security...

Original release date: September 1, 2020 Summary This joint advisory is the result of a collaborative research effort by the cybersecurity authorities of five nations: Australia,[Link Removed] Canada,[2] New Zealand,[3][4] the United Kingdom,[5] and the United States.[Link Removed] It...

Original release date: July 24, 2020 Summary The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this alert in response to recently disclosed exploits that target F5 BIG-IP devices that are vulnerable to CVE-2020-5902. F5 Networks, Inc. (F5) released a patch for CVE-2020-5902...

Original release date: February 18, 2020 | Last revised: June 30, 2020 Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) framework. See the MITRE ATT&CK for Enterprise and Link Removed frameworks for all referenced threat actor...

Original release date: February 18, 2020 Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) framework. See the MITRE ATT&CK for Enterprise and Link Removed frameworks for all referenced threat actor techniques and mitigations. CISA...

As happened recently with WannaCrypt, we again face a malicious attack in the form of ransomware, Petya. In early reports, there was a lot of conflicting information reported on the attacks, including conflation of unrelated and misleading pieces of data, so Microsoft teams mobilized to...

Original release date: September 06, 2016 Systems Affected Network Infrastructure Devices Overview The advancing capabilities of organized hacker groups and cyber adversaries create an increasing global threat to information systems. The rising threat levels place more demands on security...

Original release date: August 01, 2015 Systems Affected Microsoft Windows Systems, Adobe Flash Player, and Linux Overview Between June and July 2015, the United States Computer Emergency Readiness Team (US-CERT) received reports of multiple, ongoing and likely evolving, email-based phishing...