Skip to content
Latest
Ghost Phishing Shows Why Email Security Must Follow the BrowserPakistani Police Intrusions Show Why Public-Sector Data Systems Are Strategic TargetsBad Epoll Shows Linux Kernel LPEs Belong in the Patch Priority QueueFake Payment SDKs Show Why Dependency Risk Is Credential RiskCritical UniFi Flaws Put Network Control Planes Back in the Patch QueueVidar Stealer Campaign Shows Why File Size and Fake Signatures Still Beat Weak ControlsADFS Signing Keys Show Why Federation Servers Are Tier-Zero Identity InfrastructureUAT-7810 Shows Edge Devices Are Becoming China-Nexus Relay InfrastructureFortiBleed Shows Firewall Credentials Are Ransomware FuelNetNut and Popa Takedown Shows Residential Proxies Are Now Attack InfrastructureVect and TeamPCP Show Supply-Chain Credentials Are Ransomware FuelOusaban Shows Banking Trojans Are Learning to Hide From SandboxesNUT upsmon Command Injection Shows UPS Monitoring Belongs in the Patch QueueARToken Shows Microsoft 365 Tokens Are the New BEC Control Plane

Category Archive

Operational Technology (OT)

18 reports · All intelligence

Bulwark Black cyber threat intelligence filed under Operational Technology (OT).

Cyber Security Blog
NUT upsmon Command Injection Shows UPS Monitoring Belongs in the Patch Queue
Cyber Security Blog·

NUT upsmon Command Injection Shows UPS Monitoring Belongs in the Patch Queue

CVE-2026-54161 in Network UPS Tools upsmon shows why UPS monitoring, notification scripts, and power-infrastructure control paths need patching, segmentation, and process monitoring.

Chinese Cyber Threat Intelligence
Water Systems Are Becoming Nation-State Pressure Points
Chinese Cyber Threat Intelligence·

Water Systems Are Becoming Nation-State Pressure Points

Nation-state targeting of water systems shows why exposed OT, weak credentials, remote access, and poor IT/OT segmentation remain practical business risks—not just utility-sector problems.

Chinese Cyber Threat Intelligence
CL-STA-1062 Shows Critical Infrastructure Intrusions Still Start With Web Shells
Chinese Cyber Threat Intelligence·

CL-STA-1062 Shows Critical Infrastructure Intrusions Still Start With Web Shells

Unit 42’s CL-STA-1062 report shows why defenders should focus on exposed web apps, web shells, tunneling tools, scheduled-task persistence, and egress visibility — not just the TinyRCT malware name.

Cyber Security Blog
Operation Escaneo Shows Latin America’s Edge Devices Are Prime Intrusion Targets
Cyber Security Blog·

Operation Escaneo Shows Latin America’s Edge Devices Are Prime Intrusion Targets

Operation Escaneo shows how financially motivated actors are turning exposed edge devices, tunnels, and privileged service accounts into full intrusion chains across Latin American government and critical infrastructure targets.

Cyber Security Blog
Handala’s Cal Water Claim Shows OT Defense Starts With Segmentation
Cyber Security Blog·

Handala’s Cal Water Claim Shows OT Defense Starts With Segmentation

Handala’s California Water Service claim is a reminder that critical-infrastructure defense starts with proving separation between billing systems, telemetry platforms, and operational technology.

Cyber Security Blog
Fuel Tank Gauge Attacks Show Why Small OT Still Needs Internet Exposure Control
Cyber Security Blog·

Fuel Tank Gauge Attacks Show Why Small OT Still Needs Internet Exposure Control

Federal agencies warn that attackers are compromising internet-exposed automatic tank gauge systems. The lesson for SMBs, fuel operators, farms, logistics firms, and gov contractors is simple: small OT is still operational infrastructure.

Cyber Security Blog
Cl0p’s South Staffs Water Case Shows SOC Coverage Must Be Proven
Cyber Security Blog·

Cl0p’s South Staffs Water Case Shows SOC Coverage Must Be Proven

The South Staffordshire Water breach shows why outsourced SOC coverage, legacy server risk, and vulnerability management must be proven—not assumed—for SMBs, utilities, and government contractors.

Iranian Cyber Threat Intelligence
Iranian Threat Actors Target Hikvision and Dahua IP Cameras for Kinetic Strike Coordination
Iranian Cyber Threat Intelligence·

Iranian Threat Actors Target Hikvision and Dahua IP Cameras for Kinetic Strike Coordination

As Iran-Israel-US military operations escalate in the Middle East, Check Point Research and Tenable have identified a significant surge in Iranian threat actors targeting IP cameras manufactured by Hikvision and Dahua. The activity, which began spiking on February 28, 2026, coinc

Iranian Cyber Threat Intelligence
60+ Pro-Iranian Hacktivist Groups Activate AI-Enabled ICS Attacks Following US-Israel Strikes
Iranian Cyber Threat Intelligence·

60+ Pro-Iranian Hacktivist Groups Activate AI-Enabled ICS Attacks Following US-Israel Strikes

In the largest single-event activation of Iranian-aligned cyber actors ever documented, more than 60 pro-Iranian hacktivist groups became active on Telegram within hours of the February 28 US-Israel military strikes on Iran. Armed with AI tools and targeting over 40,000 internet-

Operational Technology (OT)
Russian Cyberattacks Shift to Intelligence Gathering for Missile Strike Guidance on Ukraine Power Grid
Operational Technology (OT)·

Russian Cyberattacks Shift to Intelligence Gathering for Missile Strike Guidance on Ukraine Power Grid

Russian cyberattacks targeting Ukraine’s energy infrastructure have shifted focus from immediate disruption to intelligence gathering for guiding missile strikes, Ukrainian cybersecurity officials revealed at the Kyiv International Cyber Resilience Forum. Strategic Shift in Attac

Operational Technology (OT)
Qilin Ransomware Hits Romania’s National Oil Pipeline Operator Conpet, Claims Nearly 1 TB Data Theft
Operational Technology (OT)·

Qilin Ransomware Hits Romania’s National Oil Pipeline Operator Conpet, Claims Nearly 1 TB Data Theft

Romania’s national oil pipeline operator Conpet has confirmed a cyberattack disrupted parts of its technology infrastructure and knocked its website offline earlier this week. The company operates approximately 3,800 kilometers (2,360 miles) of pipelines supplying domestic and im

Operational Technology (OT)
Iconics Suite SCADA Vulnerability Enables Denial-of-Service Through Privileged File Operations
Operational Technology (OT)·

Iconics Suite SCADA Vulnerability Enables Denial-of-Service Through Privileged File Operations

CVE-2025-0921 in Iconics Suite SCADA allows attackers to exploit privileged file operations to corrupt critical system binaries and crash Windows systems through symbolic link attacks.

Operational Technology (OT)
Global Energy Systems Exposed: Widespread Cybersecurity Gaps Found in Power Grid OT Networks
Operational Technology (OT)·

Global Energy Systems Exposed: Widespread Cybersecurity Gaps Found in Power Grid OT Networks

A global study by OMICRON reveals critical cybersecurity weaknesses in power grid OT networks, including unpatched devices, weak segmentation, and asset blind spots that leave critical infrastructure vulnerable to attack.

Operational Technology (OT)
CVE-2026-24061: 11-Year-Old GNU Telnetd Vulnerability Grants Instant Root Access
Operational Technology (OT)·

CVE-2026-24061: 11-Year-Old GNU Telnetd Vulnerability Grants Instant Root Access

CVE-2026-24061 is a critical 11-year-old vulnerability in GNU InetUtils telnetd that allows unauthenticated attackers to gain instant root shell access. With a CVSS score of 9.8 and active exploitation confirmed, this flaw affects over 200,000 devices running Telnet servers globa

Malware
Poland Thwarts Russian Wiper Malware Attack on Power Plants
Malware·

Poland Thwarts Russian Wiper Malware Attack on Power Plants

Source: Hackread | Author: Deeba Ahmed Poland has narrowly avoided a massive energy crisis following what officials are calling the largest cyberattack on the country in years. Between 29 and 30 December 2025, hackers attempted to break into the nation’s energy infrastructure, sp

Operational Technology (OT)
SCADA systems: How secure are the systems running our infrastructure?⎥Malav Vyas (Security Researcher at Palo Alto Networks)
Operational Technology (OT)·

SCADA systems: How secure are the systems running our infrastructure?⎥Malav Vyas (Security Researcher at Palo Alto Networks)

Business
Review: Engineering-grade OT security: A manager’s guide
Business·

Review: Engineering-grade OT security: A manager’s guide

Operational Technology (OT)
Analysis of OT cyberattacks and malwares
Operational Technology (OT)·

Analysis of OT cyberattacks and malwares