Blog
Blog
Sensible computing
95% of cyber security breaches are caused by human error, according to the 2020 IBM Cyber Security Intelligence Index Report. Below is a list of good computing practices to help you reduce the risk of falling victim to computing fraud. Verify Recipients...
Havex’s Tactics and Techniques in the Enterprise domain + mitigations
Havex is a Remote Access Trojan (RAT) that has been used in the Global Energy Sector Intrusion Campaign that started around the year 2013 and has been reported on by Seqred in its previous blog entries earlier this year – after Alert (AA22-083A), the...
Smart Home Security & Privacy
Smart technology is affecting all areas of our lives. The possibility to have the access and control over everything at our fingertips at any time from any place is very tempting and offers many advantages, however it all comes at a security and privacy cost...
Critical ROCKWELL AUTOMATION PLCs vulnerabilities
On the last day of March this year, CISA released two industrial Controls System Advisories (CSAs) describing vulnerabilities affecting numerous versions of Rockwell’s Logix Controllers and several versions of its Studio 5000 Logix Designer application. The...
Compute in the cloud relevant security considerations
Cloud computing is fundamentally based on pooling resources and virtualisation is the technology used to convert fixed infrastructure into these pooled resources. At its most basic, virtualisation abstracts resources from their underlying physical assets....
TRITON’s Tactics and Techniques in the ICS domain
TRITON malware was originally deployed in 2017 to disrupt the operations of a petrochemical plant in Saudi Arabia and it has recently made headlines on the occasion of an indictment by the U.S Department of Justice in a case of a Global Energy Sector...
Mobile Device Security
Last week we covered the topic of email security. And as mentioned at that time the second most common way used to communicate these days, apart from email, are mobile devices, especially smartphones. They are great devices that make our busy lives easier to...
‘Pipedream’ – a surfacing threat targeting Industrial Control Systems (ICS)
Two weeks ago, Dragos, the US-based industrial cybersecurity expert, reported it has identified and analysed a new Industrial Control Systems (ICS)-specific malware named PIPEDREAM. This malware is a modular ICS attack framework that can be used to disrupt,...
Email Security Enhancement
The first email was sent over 50 years ago, and it remains the most popular form of communication (along with the mobile phone) these days. According to Statista we have been sending approximately 320 billion emails every single day in 2021. And this figure...
Havex’s Tactics and Techniques in the ICS domain + mitigations
Just under a month ago, the Cybersecurity & Infrastructure Security Agency (CISA) issued a joint Cybersecurity Advisory (CSA) containing details of a Global Energy Sector Intrusion Campaign executed between 2011 and 2018 by the Russian FSB. During that...