Sellafield nuclear waste site to be prosecuted for alleged cybersecurity failings. CISA issues draft proposal for cyber incident reporting by critical infrastructure entities. Threat actor targets Indian government and energy entities. Suspicious NuGet package appears to target developers in the industrial sector. Guest Eric Goldstein, Executive Assistant Director for Cybersecurity at CISA, shares their CIRCIA Notice of Proposed Rulemaking. The Learning Lab returns! Mark Urban and Josh Hanrahan discuss adversary hunting. Control Loop News Brief. Sellafield nuclear waste site to be prosecuted ..read more

Researchers discover a way to hijack web-based PLCs. Threat actor targets manufacturing entities in North America. US Department of Defense launches CORA program. CISA issues ICS advisories. Guest Aura Sabadus, Senior Journalist at ICIS, joins us to discuss how energy insiders are approaching the renewed risks of China's ramp up toward potential attacks on critical infrastructure and what the energy industry is saying about these risks. The Learning Lab is taking a break and will return soon. Stay tuned. Control Loop News Brief. Researchers discover a way to hijack web-based PLCs. Critical In ..read more

NIST releases Cybersecurity Framework 2.0. Biden administration issues executive order on maritime cybersecurity. Suspected Chinese threat actor continues to exploit Ivanti vulnerabilities. ThyssenKrupp sustains ransomware attack. Guests Liz Martin, Global Advisory Solution Architect at Dragos, and Blake Benson, Senior Director at ABS Group, talk through the latest Maritime Executive Order. The Learning Lab is taking a break and will return soon. Stay tuned. Control Loop News Brief. NIST releases Cybersecurity Framework 2.0. NIST Releases Version 2.0 of Landmark Cybersecurity Framework (NIST ..read more

Five Eyes publish report on Volt Typhoon. Volt Typhoon targets emergency management services in the US. Siemens and Schneider Electric issue patches. Guest is Magpie Graham, Principal Adversary Hunter Technical Director at Dragos, sharing the findings of Dragos Cybersecurity Year in Review report. The Learning Lab segment will return next episode. Control Loop News Brief. Five Eyes publish report on Volt Typhoon. PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure (CISA) Volt Typhoon targets emergency management services in the US. VOLTZITE Esp ..read more

Volt Typhoon targets US critical infrastructure. Ransomware attacks in the OT sector. Ransomware attack against Johnson Controls cost $27 million. Bill would add ICS security to President’s Cup Cybersecurity Competition. Guest is Dragos CEO and Founder Robert M. Lee from the hearing before the U.S. Congressional Subcommittee on Cybersecurity and Infrastructure Protection on February 6, 2024. We share Rob’s opening statement before the committee. On the Learning Lab, we have the concluding part of a 2-part discussion on building community in OT that Dragos Mark Urban had with Dragos Strategic A ..read more

An analysis of cyberattacks against Danish energy infrastructure. US government outlines threats posed by Chinese-manufactured drones. Vulnerability in Bosch thermostats. OIG says CISA needs to improve collaboration with the water sector. Guests Mark Stacey of Dragos and Charles Kano from WestCap discuss cyber insurance as an important part of your organization's security plan. On the Learning Lab, we have the first part of a 2-part discussion on building community in OT that Dragos Mark Urban had with Dragos Strategic Accounts Director Sam Van Ryder. Control Loop News Brief. OIG says CISA ne ..read more

Responses to Aliquippa water authority attack. Predatory Sparrow disrupts Iran’s gas stations. MITRE launches a threat model for critical infrastructure embedded devices. Guest Dawn Cappelli,  Head of Dragos's OT-Cyber Emergency Readiness Team shares details about  the launch of Dragos’s free community initiative to protect small utilities that serve majority of Americans. Learn more about the Dragos Community Defense Program that includes Dragos Platform and Neighborhood Keeper. On the Learning Lab, we have the final part of the 3-part discussion on building automation systems that ..read more

Iranian hacktivists hit Pennsylvania water utility. Attacks against water systems are an instance of a larger threat. Supply chain vulnerabilities in the electrical sector. Guest Nick Sanna of the FAIR Institute and Safe Security talks about the challenges the White House faces in attempting to harmonize critical infrastructure regulations. The Learning Lab has part 2 of the 3-part discussion on building automation systems that Dragos Mark Urban had with colleagues Daniel Gaeta and Zach Spencer. Control Loop News Brief. Iranian hacktivists hit Pennsylvania water utility. Municipal Water Autho ..read more

GRU's Sandworm implicated in campaign against Danish electrical power providers. Paris wastewater agency hit by cyberattack. LockBit hits Boeing. Bletchley Declaration represents a consensus starting point for AI governance. The US Executive Order on artificial intelligence is out. Guest Austin Reid of ABS Group discusses Ship and Shore challenges for security and the current and emerging regulatory landscape. On the Learning Lab, Dragos Mark Urban part 1 of 3 discussing building automation systems with Dragos' Daniel Gaeta and Zach Spencer. Control Loop News Brief. GRU's Sandworm implicated ..read more

A cyber incident disrupts Australian ports. Sandworm and Ukraine's power grid: 2022 attacks. Department of Energy hosts simulated cyberattack competition. CISA, FEMA, and Shields Ready. Cyber and electronic threats to space systems. Four cyber phases of a hybrid war. Guest Austin Reid of ABS Group discusses cyber risk and threats to Maritime Transportation Systems (MTS). On the Learning Lab, catch an encore of Dragos CEO Robert M. Lee and Mark Urban about the five critical controls for ICS. Control Loop News Brief. Australian ports disrupted in a “cyber incident.” Major Australian port operat ..read more