Discover industrial security tips and learn about the latest news and developments in the industrial cybersecurity world.
Modern network and asset defense requires far greater visibility into the industrial control system threat landscape than in years past.
This week we will move away from hard-coded indicators and begin to look at behavioral indicators. Behavioral indicators allow identification of scanning in an environment beyond just that of Nmap.
Over the next few weeks, we will look at basic analytic approaches that can be taken to examine some of the most common protocols found on typical networks. This week we will get started with basic HTTP analysis using Python and Jupyter notebooks.
In this edition of the Dragos Threat Hunting on ICS network series, we will compare threat hunting on industrial networks with concepts from the wider threat hunting community. We will also look at how the unique characteristics of industrial networks can be used to our advantage as network defense professionals.
This post is the first in a series that will describe hunting, discuss best practices and explain our approach and lessons, because hunting in industrial infrastructure is important to all of us, and with focus and effort we can accomplish it.
Today CrowdStrike and Dragos issued a joint press release to finally announce the partnership we’ve developed over the course of the last year.
CRASHOVERRIDE is a malware framework that has not been disclosed before today but is the capability used in the cyber-attack on the Ukraine electric grid in 2016 (not the 2015 attack).
What can the community learn in terms of realistic metrics and data points around malware in modern industrial control systems (MIMICS) from completely public datasets? That’s what project MIMICS sets out to do.
As industrial control systems (ICS) become more homogeneous and more interconnected with each other, there need to be sufficient compensating controls put into place to ensure the safety and reliability of the operations.