operational technology

Five vulnerabilities walk into a power plant. It sounds like the setup for a niche IT comedy, but it’s just another Tuesday in 2025—except this time, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released not one, not two, but five brand-new advisories aimed straight at...

Some days, the cyber world feels less like a battleground and more like the world’s most complicated Jenga tower—one wrong move and the whole thing could come tumbling down. Industrial Control Systems (ICS), the invisible machinery quietly running everything from water treatment plants to power...

Inside the ABB M2M Gateway Vulnerabilities: A Deep Dive into Risk and Remedies In the rapidly evolving landscape of industrial control systems (ICS), security vulnerabilities have become critical concerns—not just for specialized engineers but also for IT administrators and cybersecurity...

Siemens Industrial Edge Device Kit Vulnerability: A Comprehensive Security Analysis and Risk Mitigation Guide In the advancing world of industrial automation and control, the Siemens Industrial Edge Device Kit stands as a key component driving edge computing within critical infrastructure...

Recent Wave of CISA Advisories Spotlight Industrial Control Systems Vulnerabilities The Cybersecurity and Infrastructure Security Agency (CISA) has recently issued a significant set of advisories specifically targeting Industrial Control Systems (ICS). On April 15, 2025, CISA released nine...

CISA has issued a wakeup call for organizations operating industrial control systems (ICS) with the release of thirteen critical ICS security advisories on March 13, 2025. While the focus is on specialized industrial hardware and software, the implications of these advisories extend throughout...

CyberArk, Device Authority, and Microsoft Deliver a Game-Changer in Secure Device Authentication for Manufacturers In an era where connected devices drive efficiency and productivity on factory floors and at the edge, manufacturers face an increasing challenge: securing a maturing digital...

If you’re plugged into the realm of operational technology (OT) or keeping a vigilant eye on critical infrastructure cybersecurity threats, buckle up—there’s important news in the digital defenses arsenal. Many OT systems—the backbone of critical infrastructure like utilities, energy grids, and...

In a timely release that strikes at the heart of critical infrastructure security, the Cybersecurity and Infrastructure Security Agency (CISA) and the Environmental Protection Agency (EPA) unveiled a joint fact sheet detailing the significant cybersecurity risks posed by Internet-exposed Human...

On December 3, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) made a significant announcement that demands the attention of anyone operating in or around the realm of industrial control systems (ICS). The agency released eight advisories outlining serious vulnerabilities...

On November 19, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory targeted at users of Industrial Control Systems (ICS). As many Windows users interact with various kinds of technology, understanding these advisories is crucial – not just for those within...

In an exciting development for IT and Operational Technology (OT) sectors, Stratus Technologies, operating under the Penguin Solutions brand, has announced the upcoming support for Microsoft Windows Server 2022 within its ztC Endurance platform. This key upgrade, set to roll out on November 18...

In a world increasingly reliant on interconnected systems, the security of operational technology (OT) has surfaced as a critical concern, especially for critical infrastructure organizations. On October 1, 2024, the Australian Signals Directorate's Australian Cyber Security Centre (ASD’s ACSC)...

On September 10, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) released a set of four critical advisories aimed at safeguarding Industrial Control Systems (ICS). This move highlights the ongoing vulnerability of these systems against exploits and the pressing need for...

Original release date: July 23, 2020 Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise and Link Removed frameworks for all referenced threat actor techniques and mitigations. Over recent...

Original release date: February 18, 2020 | Last revised: June 30, 2020 Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) framework. See the MITRE ATT&CK for Enterprise and Link Removed frameworks for all referenced threat actor...

Original release date: February 18, 2020 Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) framework. See the MITRE ATT&CK for Enterprise and Link Removed frameworks for all referenced threat actor techniques and mitigations. CISA...