logo
episode-header-image
Aug 2022
45m 58s

Executive discussions and how to communi...

N2K Networks
About this episode

DOE invests in securing the US power grid. CISA’s recent ICS security advisories. Industroyer2 makes an appearance in Ukraine. DDoS attack against Energoatom’s website. Ransomware trends and the threat to OT systems. Ransomware gang attempts to extort the wrong water company.

Control Loop News Brief.

DOE invests in securing the US power grid. 

DOE invests $45 million in cyber technology that protects power sector (The Hill) 

CISA’s recent ICS security advisories.

Cisco Releases Security Update for Multiple Products (CISA)

Siemens Simcenter STAR-CCM+ (CISA)

Siemens Teamcenter (CISA) 

Schneider Electric EcoStruxure, EcoStruxure Process Expert, SCADAPack RemoteConnect for x70 (CISA)

Emerson ROC800, ROC800L and DL8000 (CISA)

Siemens SICAM A8000 Web Server Module (CISA) 

Siemens SICAM TOOLBOX II (CISA)

Siemens SCALANCE (CISA) 

Siemens SIMATIC S7-400 (CISA) 

Siemens Industrial Products Intel CPUs (Update A) (CISA) 

Siemens Industrial Products LLDP (Update B) (CISA) 

Siemens Linux-based Products (Update G) (CISA) 

Siemens Datalogics File Parsing Vulnerability (CISA)

Siemens S7-400 CPUs (Update A) (CISA)

Siemens SIMATIC Software Products (Update B) (CISA) 

Siemens SIMATIC S7-1200 and S7-1500 CPU Families (Update B) (CISA)

Baxter Sigma Spectrum Infusion Pumps (Update B) (CISA)

Siemens Industrial Products with OPC UA (Update H) (CISA)

Siemens PROFINET Stack Integrated on Interniche Stack (CISA) 

Siemens TIA Portal (Update C) (CISA) 

Siemens Teamcenter (CISA) 

Siemens Industrial Devices using libcurl (CISA)

Siemens SIMATIC WinCC and PCS (CISA)

Siemens Teamcenter (CISA)

Siemens Industrial Products (CISA)

Siemens OpenSSL Vulnerabilities in Industrial Products (CISA)

Siemens RUGGEDCOM ROS (CISA) 

Simcenter Femap and Parasolid (CISA) 

Siemens SRCS VPN Feature in SIMATIC CP Devices (CISA) 

Yokogawa CENTUM Controller FCS (CISA)

LS ELECTRIC PLC and XG5000 (CISA)

Delta Industrial Automation DRAS (CISA)

Softing Secure Integration Server (CISA)

B&R Industrial Automation Automation Studio 4 (CISA)

Emerson Proficy Machine Edition (CISA)

Sequi PortBloque S (CISA)

Siemens Industrial Products with OPC UA (CISA)

Siemens Linux-based Products (Update J) (CISA)

Siemens Industrial Products LLDP (Update D) (CISA)

Siemens OpenSSL Affected Industrial Products (Update B) (CISA)

Mitsubishi Electric MELSEC iQ-R, Q, L Series and MELIPC Series (Update A) (CISA)

Mitsubishi Electric Multiple Factory Automation Products (Update A) (CISA)

Industroyer2 makes an appearance in Ukraine. 

Ukraine cyber chief pays surprise visit to 'Black Hat' hacker meeting in Las Vegas (Reuters) 

Black Hat 2022‑ Cyberdefense in a global threats era (WeLiveSecurity) 

DDoS attack against Energoatom’s website. 

Ukraine’s state-owned nuclear power operator said Russian hackers attacked website (The Record) 

Ransomware trends and the threat to OT systems. 

Dragos Industrial Ransomware Analysis: Q2 2022 (Dragos) 

Ransomware gang attempts to extort the wrong water company.

Hackers attack UK water supplier but extort wrong company (BleepingComputer)

Control Loop Interview.

Jason Christopher, Director of Cyber Risk at Dragos, Boards and threat-informed industrial risk management

Control Loop Learning Lab.

David Foose, Senior Product Manager at Dragos, talking with Mark Urban of Dragos about SCADA.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Up next
Jun 2024
Digging into regulatory compliance issues.
UK will propose law to ban ransom payments for critical infrastructure entities. EPA outlines enforcement measures to protect water utilities against cyberattacks. Rockwell advises customers to disconnect ICS devices from the internet. Senator Vance asks CISA for information on V ... Show More
18m 23s
May 2024
Hacktivism targeting OT devices.
US Defense Department warns of Russian hacktivists targeting OT devices. The US government establishes safety and security board to advise the deployment of AI in critical infrastructure sectors. Vulnerabilities affect CyberPower UPS management software. US congressmen put forwar ... Show More
24m 36s
May 2024
Critical infrastructure: Pending legislation and risks and rewards from AI.
Mandiant ties OT attacks to Sandworm. Russia-linked hackers target Texas water utilities. Belarusian hacktivists hit fertilizer company. CISA issues eight ICS advisories. Dave Bittner's Caveat podcast co host Ben Yelin joins him to discuss pending legislation with potential to af ... Show More
24m 20s
Recommended Episodes
Sep 2024
UK’s newest cybersecurity MVPs.
The UK designates data centers as Critical National Infrastructure. Cisco releases patches for multiple vulnerabilities in its IOS XR network operating system. BYOD is a growing security risk. A Pennsylvania healthcare network has agreed to a $65 million settlement stemming from ... Show More
34m 29s
Jul 2023
Taking steps to stop a Chinese APT. Implementing the US National Cybersecurity Strategy. LokiBot is back. Malware masquerading as a proof-of-concept. Swapping cyber ops in a hybrid war.
CISA and the FBI issue a joint Cybersecurity Advisory on exploitation of Microsoft Exchange Online. Implementing the US National Cybersecurity Strategy. FortiGuard discovers a new LokiBot campaign. Training code turns out to be malicious in a new proof-of-concept attack discovere ... Show More
32m 18s
May 30
All systems not go.
SentinelOne suffers a global service outage. A major DDoS attack hits a Russian internet provider. U.S. banking groups urge the SEC to scrap cybersecurity disclosure rules. Australia mandates reporting of ransomware payments. Researchers uncover a new Browser-in-the-Middle (BitM) ... Show More
37m 5s
Dec 2024
Cyber Security Today: Year End Panel Discussion. Saturday, December 21, 2024
Cybersecurity Year in Review: Future Challenges and Industry Insights Join host Jim Love and a panel of cybersecurity experts—Terry Cutler from Cyology Labs, David Shipley from Beauceron Security, and Laura Payne of White Tuque—as they review the key cybersecurity events of the p ... Show More
52m 28s
Jan 2025
DeepSeek Security Failure: Cyber Security Today, Friday, January 31, 2025
Cybersecurity Today: DeepSeek AI's Data Breach, New API Threats, & Operation Talent In this episode of 'Cybersecurity Today,' host Jim Love delves into the recent security lapse by DeepSeek AI, highlighting the exposure of sensitive data through an open ClickHouse database. Learn ... Show More
9m 20s
Jan 2025
DeepSeek - New AI Disruptor Gets Hit With Cyber Attack: Cyber Security Today for Wednesday, January 29, 2025
Navigating AI Cyber Threats and Critical Infrastructure Vulnerabilities In this episode of Cybersecurity Today, host Jim Love discusses the recent cyber attack on AI platform DeepSeek that exploited open source vulnerabilities. He highlights significant challenges in U.S. cyberse ... Show More
5m 17s
May 5
Hardcoded credentials and hard lessons.
Researchers uncover serious vulnerabilities in the Signal fork reportedly used by top government officials. CISA adds a second Commvault flaw to its Known Exploited Vulnerabilities catalog. xAI exposed a private API key on GitHub for nearly two months. FortiGuard uncovers a cyber ... Show More
29m 46s