Security News

  • Cybersecurity is a Team Sport

    10 hours 30 minutes ago
    Enterprise security goes beyond tech leadership, and beyond the CISO's office. Achieving cybersecurity and resilience is a team effort, and requires building a culture of security awareness. 
  • CISA and Partners Release Joint Advisory on IRGC-Affiliated Cyber Actors Exploiting PLCs

    19 hours 30 minutes ago

    Today, CISA, the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Environmental Protection Agency (EPA), and the Israel National Cyber Directorate (INCD) released a joint Cybersecurity Advisory (CSA) IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors in response to the active exploitation of Unitronics programmable logic controllers (PLCs) in multiple sectors, including U.S. Water and Wastewater Systems (WWS) facilities, by Iranian Government Islamic Revolutionary Guard Corps (IRGC)-affiliated advanced persistent threat (APT) cyber actors. 

    IRGC-affiliated cyber actors using the persona “CyberAv3ngers” are actively targeting and compromising Israeli-made Unitronics Vision Series PLCs that are publicly exposed to the internet, through the use of default passwords. The PLCs may be rebranded and appear as different manufacturers and company names. 

    All organizations, including U.S. Water and Wastewater Systems Facilities, are encouraged to review this joint CSA and implement the recommended actions and mitigations. The mitigations are based on threat actor activity against Unitronics PLCs but apply to all internet-facing PLCs.