Control Loop: The OT Cybersecurity Podcast 8.23.23
Ep 32 | 8.23.23

Real world stories of incident response and threat intelligence.

Show Notes

Radiation sensor reports from Chernobyl may have been manipulated. South African power generator hit with malware. APT31 linked to attacks on industrial systems in Eastern Europe. Environmental regulation and increased maritime cyber risk. CISA Director warns of Chinese infrastructure attack staging. Threats to the power grid. CODESYS vulnerabilities. 

Today's guest is Dragos’ Lesley Carhart, sharing their RSAC 2023 talk on real world stories of incident response and threat intelligence. 

The Learning Lab continues the conversation between Dragos’ Mark Urban and Kimberly Graham about the convergence of OT and IT.

Control Loop News Brief.

Radiation sensor reports from Chernobyl may have been manipulated.

Seeing Through the Invisible: Radiation Spikes Detected in Chernobyl During the Russian Invasion Show Possible Evidence of Fabrication (Ruben Santamarta)

The Mystery of Chernobyl’s Post-Invasion Radiation Spikes (WIRED)

CISA Director warns of Chinese infrastructure attack staging.

Top U.S. cyber official offers 'stark warning' of potential attacks on infrastructure if tensions with China escalate (NBC News)

China's Volt Typhoon snoops into US infrastructure, with special attention to Guam. (CyberWire)

CODESYS vulnerabilities.

Microsoft reveals severe vulnerabilities in CODESYS industrial automation software (The Record)

Multiple high severity vulnerabilities in CODESYS V3 SDK could lead to RCE or DoS (Microsoft)

South African power generator hit with malware.

Focus on DroxiDat/SystemBC (Kaspersky)

Ransomware Trends in the HPH Sector - Q1 2022 (HHS)

Environmental regulation and increased maritime cyber risk.

Navigating Cybersecurity's Seas: Environmental Regulations, OT & the Maritime Industry's New Challenges (Dark Reading)

Threats to the power grid.

EXCLUSIVE: ‘Release our men’: Far-right used power grid threats to try and blackmail government into freeing neo-Nazi bank robbery suspects (The Daily Dot)

APT31 linked to attacks on industrial systems in Eastern Europe.

Common TTPs of attacks against industrial organizations. Implants for uploading data (Kaspersky)

Control Loop Interview.

Our guest is Dragos’ Technical Director for Industrial Incident Response, Lesley Carhart, sharing real world stories of incident response and threat intelligence from their RSAC 2023 talk. 

Control Loop Learning Lab.

On the Learning Lab, Mark Urban is joined by Dragos Vice President of Product Management Kimberly Graham in part two of their discussion on the convergence of OT and IT. 

Control Loop OT Cybersecurity Briefing.

A companion monthly newsletter is available through free subscription and on the CyberWire's website.