Executive discussions and how to communicate your cyber risks to the Board.

DOE invests in securing the US power grid. CISA’s recent ICS security advisories. Industroyer2 makes an appearance in Ukraine. DDoS attack against Energoatom’s website. Ransomware trends and the threat to OT systems. Ransomware gang attempts to extort the wrong water company.

Control Loop News Brief.

DOE invests in securing the US power grid. 

DOE invests $45 million in cyber technology that protects power sector (The Hill) 

CISA’s recent ICS security advisories.

Cisco Releases Security Update for Multiple Products (CISA)

Siemens Simcenter STAR-CCM+ (CISA)

Siemens Teamcenter (CISA) 

Schneider Electric EcoStruxure, EcoStruxure Process Expert, SCADAPack RemoteConnect for x70 (CISA)

Emerson ROC800, ROC800L and DL8000 (CISA)

Siemens SICAM A8000 Web Server Module (CISA) 

Siemens SICAM TOOLBOX II (CISA)

Siemens SCALANCE (CISA) 

Siemens SIMATIC S7-400 (CISA) 

Siemens Industrial Products Intel CPUs (Update A) (CISA) 

Siemens Industrial Products LLDP (Update B) (CISA) 

Siemens Linux-based Products (Update G) (CISA) 

Siemens Datalogics File Parsing Vulnerability (CISA)

Siemens S7-400 CPUs (Update A) (CISA)

Siemens SIMATIC Software Products (Update B) (CISA) 

Siemens SIMATIC S7-1200 and S7-1500 CPU Families (Update B) (CISA)

Baxter Sigma Spectrum Infusion Pumps (Update B) (CISA)

Siemens Industrial Products with OPC UA (Update H) (CISA)

Siemens PROFINET Stack Integrated on Interniche Stack (CISA) 

Siemens TIA Portal (Update C) (CISA) 

Siemens Teamcenter (CISA) 

Siemens Industrial Devices using libcurl (CISA)

Siemens SIMATIC WinCC and PCS (CISA)

Siemens Teamcenter (CISA)

Siemens Industrial Products (CISA)

Siemens OpenSSL Vulnerabilities in Industrial Products (CISA)

Siemens RUGGEDCOM ROS (CISA) 

Simcenter Femap and Parasolid (CISA) 

Siemens SRCS VPN Feature in SIMATIC CP Devices (CISA) 

Yokogawa CENTUM Controller FCS (CISA)

LS ELECTRIC PLC and XG5000 (CISA)

Delta Industrial Automation DRAS (CISA)

Softing Secure Integration Server (CISA)

B&R Industrial Automation Automation Studio 4 (CISA)

Emerson Proficy Machine Edition (CISA)

Sequi PortBloque S (CISA)

Siemens Industrial Products with OPC UA (CISA)

Siemens Linux-based Products (Update J) (CISA)

Siemens Industrial Products LLDP (Update D) (CISA)

Siemens OpenSSL Affected Industrial Products (Update B) (CISA)

Mitsubishi Electric MELSEC iQ-R, Q, L Series and MELIPC Series (Update A) (CISA)

Mitsubishi Electric Multiple Factory Automation Products (Update A) (CISA)

Industroyer2 makes an appearance in Ukraine. 

Ukraine cyber chief pays surprise visit to 'Black Hat' hacker meeting in Las Vegas (Reuters) 

Black Hat 2022‑ Cyberdefense in a global threats era (WeLiveSecurity) 

DDoS attack against Energoatom’s website. 

Ukraine’s state-owned nuclear power operator said Russian hackers attacked website (The Record) 

Ransomware trends and the threat to OT systems. 

Dragos Industrial Ransomware Analysis: Q2 2022 (Dragos) 

Ransomware gang attempts to extort the wrong water company.

Hackers attack UK water supplier but extort wrong company (BleepingComputer)

Control Loop Interview.

Jason Christopher, Director of Cyber Risk at Dragos, Boards and threat-informed industrial risk management

Control Loop Learning Lab.

David Foose, Senior Product Manager at Dragos, talking with Mark Urban of Dragos about SCADA.