OT Security

As the worlds of IT and OT converge, traditional network segmentation falls short, exposing risks in the critical environments that keep energy flowing and shelves stocked. Conventional security tools fail to identify these gaps, with serious repercussions for operators. At runZero, we empower defenders to win by default through comprehensive disco...

Security Affairs reports that multiple energy sector organizations across the Middle East have been subjected to attacks from newly emergent Iran-linked threat operation Nasir Security amid intensifying geopolitical tensions in the region.

Experts warn that the botnet operators will likely regroup and come back stronger, armed with AI.

HP's study indicates that 56% of SMBs have reported at least one print-related data loss incident in the past year.

SocksEscort utilized malware, identified as AVrecon, to infect home and small business routers, including devices from brands like Cisco, D-Link, and Netgear.

In the security news this week: The XZ backdoor documentary Zero days - the clock isn't ticking Vulnerability Mis-Management Reversing traffic light controllers Reversing with Claude Don't curl to bash! Reading CVEs makes my head hurt Dumping browser secrets I open-sourced a new(ish) tool D-LINK exploits There is no password I control the buildin...

KadNap operates as a peer-to-peer network, utilizing a custom version of the Kademlia Distributed Hash Table (DHT) protocol to communicate with its command-and-control (C2) infrastructure.

Medical devices are a special segment of the IoT world where availability and patient safety are paramount. Tamil Mathi explains why many devices need to fail open -- the opposite of what traditional appsec approaches might initially think -- and what makes threat modeling these devices interesting and unique. He also covers how to get started in t...