Blog
KOSTOVITE, KAMACITE & XENOTIME – 2022 update
Alongside the new threat groups CHERNOVITE and BENTONITE, which emerged in 2022, several other active threat players have emerged in recent years. In its Year in Review Report 2022, Dragos gives an update on the most noticeable of them:...
ENISA’s Threat Landscape Report 2022 – Part 4 – Malware
Malware is any software or firmware that performs unauthorised processes with negative impacts on system confidentiality, integrity, or availability. Examples of malicious code include viruses, worms, trojan horses, spyware, and adware. Malware is commonly...
CHERNOVITE and BENTONITE – New Threats of 2022
Only some two weeks ago, towards the end of February 2023, Dragos released its 6th year running ‘ICS/OT Cybersecurity year in review’. Today we will look at the two new threat groups Dragos discovered in 2022. 1. CHERNOVITE First reported on in May 2022...
ENISA’s Threat Landscape Report 2022 – Part 3 – Ransomware
In the 2022 report, ENISA's Threat Landscape for Ransomware Attacks, ransomware is defined as an attack where the threat actors take control of someone's assets and demand a ransom in exchange for giving back access to those assets. The report covers the...
Asset visibility for defendable OT
Asset visibility is a critical component of a strong OT cybersecurity strategy. It is the process of identifying and tracking all assets within an OT environment, including industrial control systems (ICS), endpoints, and network devices. There are several...
ENISA’s Threat Landscape Report 2022 – Part 2 – Prime Threats by Proximity and Sector
Prime Threats by Proximity to the EU In the context of the ENISA Threat Landscape, it is crucial to take into account the proximity of cyber threats to the European Union (EU). This is essential for assisting analysts in evaluating the severity of cyber...
How to effectively utilise MITRE ATT&CK for ICS
MITRE ATT&CK is a knowledge base of cyber attacker TTPs that catalogs behaviours, providing a visual representation of attack patterns that can help detect and respond effectively to attacks. However, it was initially designed for enterprise IT, so MITRE...
ENISA’s Threat Landscape Report 2022 – Part 1 – Introduction
For the past ten years, ENISA – The European Union Agency for Cybersecurity – has been compiling an annual report on the status of the cybersecurity threat landscape. The document outlines the most significant threats, notable patterns concerning them, the...
MITRE ATT&CK for ICS – a tool for challenging times
As critical infrastructure around the world faces a growing number of industrial threats that could disrupt an organization's operational technology (OT) infrastructure or assets, the task of building a robust cyber defense is becoming...
Cloud Computing – 2022 Top Threats – part 6
Cloud Storage Data Exfiltration The exfiltration of data from cloud storage refers to the unauthorized access, viewing, theft, or usage of sensitive, confidential, or protected information by someone outside of the organization's control. This can be the...