episode-header-image

Jul 2023

40m 48s

The IT/OT cultural divide in the federa...

About this episode

Japan’s largest port disrupted by ransomware. Cl0p breaches Schneider Electric and Siemens Energy. Solar panel vulnerabilities. Threats and risks to electric vehicle charging stations. RedEnergy ransomware and information stealer targets industrial sectors. CISA advisories.

Our guest is Christopher Ebley from Blackwood returns to discuss the IT/OT cultural divide in the federal space and IT threats that are impacting OT systems.

The Learning Lab continues with part 2 of the 3-part discussion between Dragos’ Mark Urban and Vulnerability Analyst Logan Carpenter talking about vulnerabilities in the OT world.

Control Loop News Brief.

Japan’s largest port disrupted by ransomware.

Japan’s largest port stops operations after ransomware attack (BleepingComputer)

Japan's biggest port, Nagoya, hit by suspected cyberattack (Nikkei Asia)

Pro-Russian hackers target Port of Nagoya, disrupting loading of Toyota parts (The Japan Times)

Nagoya Port Resumes Some Operations After Ransomware Attack (Bloomberg)

Cl0p breaches Schneider Electric and Siemens Energy.

Schneider Electric and Siemens Energy are two more victims of a MOVEit attack (SecurityAffairs)

Siemens Energy confirms data breach after MOVEit data-theft attack (BleepingComputer)

Solar panel vulnerabilities.

Exploited Solar Power Product Vulnerability Could Expose Energy Organizations to Attacks (SecurityWeek)

IoT Under Siege: The Anatomy of the Latest Mirai Campaign Leveraging Multiple IoT Exploits (Unit 42)

Actively Exploited Industrial Control Systems Hardware - SolarView Series (VulnCheck)

Threats and risks to electric vehicle charging stations.

EV Charger Hacking Poses a ‘Catastrophic’ Risk (WIRED)

RedEnergy ransomware and information stealer targets industrial sectors.

Ransomware Redefined: RedEnergy Stealer-as-a-Ransomware attacks (Zscaler)

CISA advisories.

CISA Releases Three Industrial Control Systems Advisories (CISA)

Control Loop Interview.

The interview is with Christopher Ebley of Blackwood talking about the IT/OT cultural divide in the federal space and IT threats impacting OT systems.

Control Loop Learning Lab.

On the Learning Lab, Mark Urban is joined by Dragos Vulnerability Analyst Logan Carpenter in part two of three segments on vulnerabilities in the OT world.

Control Loop OT Cybersecurity Briefing.

A companion monthly newsletter is available through free subscription and on the CyberWire's website.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Up next

Digging into regulatory compliance issues.

UK will propose law to ban ransom payments for critical infrastructure entities. EPA outlines enforcement measures to protect water utilities against cyberattacks. Rockwell advises customers to disconnect ICS devices from the internet. Senator Vance asks CISA for information on V ... Show More

Hacktivism targeting OT devices.

US Defense Department warns of Russian hacktivists targeting OT devices. The US government establishes safety and security board to advise the deployment of AI in critical infrastructure sectors. Vulnerabilities affect CyberPower UPS management software. US congressmen put forwar ... Show More

Critical infrastructure: Pending legislation and risks and rewards from AI.

Mandiant ties OT attacks to Sandworm. Russia-linked hackers target Texas water utilities. Belarusian hacktivists hit fertilizer company. CISA issues eight ICS advisories. Dave Bittner's Caveat podcast co host Ben Yelin joins him to discuss pending legislation with potential to af ... Show More

Recommended Episodes

UK’s newest cybersecurity MVPs.

The UK designates data centers as Critical National Infrastructure. Cisco releases patches for multiple vulnerabilities in its IOS XR network operating system. BYOD is a growing security risk. A Pennsylvania healthcare network has agreed to a $65 million settlement stemming from ... Show More

Taking steps to stop a Chinese APT. Implementing the US National Cybersecurity Strategy. LokiBot is back. Malware masquerading as a proof-of-concept. Swapping cyber ops in a hybrid war.

CISA and the FBI issue a joint Cybersecurity Advisory on exploitation of Microsoft Exchange Online. Implementing the US National Cybersecurity Strategy. FortiGuard discovers a new LokiBot campaign. Training code turns out to be malicious in a new proof-of-concept attack discovere ... Show More

All systems not go.

SentinelOne suffers a global service outage. A major DDoS attack hits a Russian internet provider. U.S. banking groups urge the SEC to scrap cybersecurity disclosure rules. Australia mandates reporting of ransomware payments. Researchers uncover a new Browser-in-the-Middle (BitM) ... Show More

Cyber Security Today: Year End Panel Discussion. Saturday, December 21, 2024

Cybersecurity Year in Review: Future Challenges and Industry Insights Join host Jim Love and a panel of cybersecurity experts—Terry Cutler from Cyology Labs, David Shipley from Beauceron Security, and Laura Payne of White Tuque—as they review the key cybersecurity events of the p ... Show More

DeepSeek Security Failure: Cyber Security Today, Friday, January 31, 2025

Cybersecurity Today: DeepSeek AI's Data Breach, New API Threats, & Operation Talent In this episode of 'Cybersecurity Today,' host Jim Love delves into the recent security lapse by DeepSeek AI, highlighting the exposure of sensitive data through an open ClickHouse database. Learn ... Show More

DeepSeek - New AI Disruptor Gets Hit With Cyber Attack: Cyber Security Today for Wednesday, January 29, 2025

Navigating AI Cyber Threats and Critical Infrastructure Vulnerabilities In this episode of Cybersecurity Today, host Jim Love discusses the recent cyber attack on AI platform DeepSeek that exploited open source vulnerabilities. He highlights significant challenges in U.S. cyberse ... Show More

Hardcoded credentials and hard lessons.

Researchers uncover serious vulnerabilities in the Signal fork reportedly used by top government officials. CISA adds a second Commvault flaw to its Known Exploited Vulnerabilities catalog. xAI exposed a private API key on GitHub for nearly two months. FortiGuard uncovers a cyber ... Show More

Listen to millions of songs and podcasts on Anghami