Category: Exploits & Attacks

January 20th, 2022 by John

Supply chain security can refer to suppliers who provide services, staffing, support, or who develop software/hardware. The supply chain is varied and different across industry segments and organizations. If you consider the development of applications or electronics, there may be a long list of companies who contribute to the final product. The longer the supply chain and the less visibility you have into (or ability to assess) each supplier, the higher the overall complexity and resulting risk to your organization.

Let’s consider the software that we use in our own organizations. There is a lot of it. Do you have a complete inventory of the software you have running on your endpoints, or supporting business processes? Having a granular software inventory and an approved enterprise application catalog is a starting point. The granular information you need includes: “Who owns and makes decisions about the application?” “Who supports and patches it?” “Who budgets for and pays for licenses?” “What is the application architecture and how does it communicate?” Having a central trusted software inventory (this may differ between desktops and servers) is a starting point. Read More

Posted in Blog, Cybersecurity & Infosec, Exploits & Attacks, Resiliency, Risk Management, Supply Chain

March 17th, 2020 by John

Armis has published a list of MITRE ATT&CK techniques to aid security practitioners in assessing the strength of their cyber defenses and improve their ability to protect industrial control systems (ICS). #ICS #industrialcybersecurity #OT 

Here are links to the 4 parts in the series. Read More

Posted in Exploits & Attacks, IoT, IIoT, ICS-SCADA

October 7th, 2019 by John

As power grid evolves, so must cybersecurity.

//cdn.iframe.ly/embed.js

Posted in Critical Infrastructure, Cybersecurity & Infosec, Exploits & Attacks, Governance, IoT, IIoT, ICS-SCADA

October 7th, 2019 by John
//cdn.iframe.ly/embed.js

Posted in Exploits & Attacks, Malware, PUPs and Botnets, Scams & Ransomware

April 30th, 2019 by John

Posted in Exploits & Attacks, IoT, IIoT, ICS-SCADA

April 1st, 2019 by John

Posted in Exploits & Attacks, IoT, IIoT, ICS-SCADA

March 20th, 2019 by John

Posted in Exploits & Attacks, IoT, IIoT, ICS-SCADA, Supply Chain

December 16th, 2018 by John

Posted in Exploits & Attacks, Kids