Cyber Health

CISA recommends getting rid of default passwords

Following our recent blog post about vulnerabilities in Programmable Logic Controllers, the Cybersecurity & Infrastructure Security Agency (CISA) is urging manufacturers to change or even get rid of default passwords altogether on equipment and software they manufacture. The agency went on to say that “studies by CISA show that the use of default credentials, such as passwords, is a top weakness that threat actors exploit to gain access to systems, including those within U.S. critical infrastructure”.

CISA has also released a new work product that provides guidance for secure-by-design open source software development in a broader effort to secure the software supply chain.

The document focuses on recommended practices for implementing open source software as well as tracking the use of open source code through a concept known as a “software bill of materials”. The document also provides guidance on how to select open source software, conduct risk assessments, maintain open source software, and respond to vulnerabilities and threats.

You can read more about it by clicking here

If you leverage any variation of open source software in equipment you manufacture, you may want to pay close attention to this guidance, as it could save you and your customers from potential vulnerabilities.