You may have seen the news last week that multiple municipal water authorities declared themselves under cyber attack.  How did they get in?  The answer is quite simple: by using the default credentials on Unitronics PLCs.  The specific controllers that were compromised were equipped with HMIs and did not…

Cybersecurity threat intelligence services are comprehensive offerings that collect, analyze, and provide real-time insights on potential cybersecurity threats, vulnerabilities, and risks to your organization. These services monitor diverse data sources, detect threats, and identify vulnerabilities, including malware…

Tabletop Exercises – How to conduct a cybersecurity preparedness exercise

We all know that Cybersecurity is paramount to ensuring the continuous operation of any business in today’s digital world, and responding to any type of cybersecurity incident at some point is only question of when. To safeguard your…

The Internet of Things (IoT) continues to transform the way we approach manufacturing, but it also brings increased risks of cyberattacks.  With the growing volume of IoT devices and sensors, the potential attack surface for manufacturers grows with it, as does the amount of data needed to protect.  In this…

If you’ve read the news lately, you’ve probably heard that Artificial Intelligence tools powered by language models like ChatGPT are taking the world by storm and have the potential to revolutionize the ways we all work, especially in the manufacturing industry. Manufacturers are increasingly exploring the potential of…

What is a “watering hole” attack and how do I prevent it from happening to my company?

A watering hole attack targets a specific company by infecting their website with malware which proceeds to then further infect everyone that visits your website.  The attackers essentially use your website as a…

A Denial of Service (DoS) attack is a type of cyber-attack that attempts to make a website, online service or computer network unavailable by overwhelming it with a flood of traffic or requests, causing it to crash or become extremely slow and unresponsive.. It can be targeted at a single system or an entire network,…

Bring Your Own Device, or BYOD, has become an important technology topic over the past ten years as mobile devices have increased their capability and sophistication.  But how should your company deal with employees using their personal devices for work?  What company services do you allow employees to connect…

Business email compromise (BEC) is a type of online scam where a cybercriminal tricks a company or its employees into transferring money or sensitive information to the fraudster's account.

The scam typically starts with an email that looks like it is from a trusted source, such as a colleague, supplier,…

Recently there have been a number of critical and zero-day vulnerabilities that have been announced in the news across several platforms.  Microsoft announced a patch to a remote code execution vulnerability within internet explorer that achieved a CVSS rating of 8.8 which is significant.  There was also…