The key takeaway from the NERC report about the attack against a US electric utility isn't that companies need to be patching, but that layered defense is still the best approach for keeping systems and networks safe.
VxWorks is the operating system no one has ever heard of, but it is widely used in industrial control systems, robotics and automation, industrial control systems, and Internet of Things. The URGENT/11 group of vulnerabilities in these devices can be exploited remotely.
Credit rating agency Moody's weighed in on the security of natural gas pipeline operators, urging that mandatory cybersecurity standards would harden the sector against potential attacks.
Homeland Security secretary Kirstjen Nielsen announced the creation of the National Risk Management Center to evaluate threats and defend US critical infrastructure. The center will initially focus on the energy, finance, and telecommunications sectors to start.
As nation-state actors increasingly target physical critical infrastructure, two federal agencies strategize on how to protect against national threats.