#dragos — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #dragos, aggregated by home.social.
-
Oh what, #Dragos is moving in across from us? I mean it’s a little small….
Tell you what if I see anyone here I’ll say hi, would be nice to have anyone that gets OT network monitoring to chat to over lunch.
-
Industrial systems face structural gap as quantum risks drive urgency for crypto-agility and post-quantum readiness https://www.byteseu.com/1933504/ #AI #Algorithms #claroty #CriticalInfrastructure #Crypto #CryptoAgility #CryptoCurrency #cryptography #CyberResilience #CyberRisks #Dragos #EmbeddedDevices #encryption #IIoT #industrial #IndustrialSystems #Industry40 #NIST #NozomiNetworks #OTEnvironments #PLCs #PostQuantum #QuantumComputer #QuantumComputing #QuantumRisks #SafetySystems
-
Dragos Blames Electrum Group for Poland Grid Cyberattack
Looking to read the full article? Scroll down and login or sign up today! Page Reload Scroll Position…
#Poland #Polska #PL #Europe #Europa #EU #Aktualności #Cybersecurity #distributedenergyresources(DERs) #Dragos #inverter-basedresources(IBRs) #poland #polska #Russia #Ukraine
https://www.europesays.com/2738765/ -
Dragos Blames Electrum Group for Poland Grid Cyberattack https://www.byteseu.com/1754578/ #cybersecurity #DistributedEnergyResources(DERs) #Dragos #InverterBasedResources(IBRs) #Poland #Russia #Ukraine
-
Match Report – Castres 33 – 0 Edinburgh
Castres claimed a dominant home win over Edin…
#Edinburgh #UnitedKingdom #UK #GB #Scotland #Headlines #News #Europe #EU #Airon #Bath #Biarritz #Britain #CardiffBlues #Castres #Clearmont #Dragos #fixtures #Glasgow #GreatBritain #InvestecChampionsCup #irish #Leinster #london #Munster #Northampton #Ospreys #Perpignan #photos #racing #Results #Rugby #Saracens #Scarlets #Sky #Sports #Toulouse #Treviso #Ulster #Union #Wasps
https://www.europesays.com/uk/632289/ -
https://www.europesays.com/uk/632289/ Match Report – Castres 33 – 0 Edinburgh #Airon #Bath #Biarritz #Britain #CardiffBlues #Castres #Clearmont #Dragos #Edinburgh #fixtures #Glasgow #GreatBritain #InvestecChampionsCup #irish #Leinster #london #Munster #News #Northampton #Ospreys #Perpignan #photos #racing #Results #Rugby #Saracens #Scarlets #Scotland #Sky #Sports #Toulouse #Treviso #UK #Ulster #Union #UnitedKingdom #Wasps
-
Sale 0 – 0 Glasgow
Opening weekend of Champions Cup 2025/26 pool stages sees two away…
#Glasgow #UnitedKingdom #UK #GB #Scotland #Headlines #News #Europe #EU #Airon #Bath #Biarritz #Britain #CardiffBlues #Castres #Clearmont #Dragos #Edinburgh #fixtures #GreatBritain #InvestecChampionsCup #irish #Leinster #london #Munster #Northampton #Ospreys #Perpignan #photos #racing #Results #Rugby #Saracens #Scarlets #Sky #Sports #Toulouse #Treviso #Ulster #Union #Wasps
https://www.europesays.com/uk/615503/ -
https://www.europesays.com/uk/615503/ Sale 0 – 0 Glasgow #Airon #Bath #Biarritz #Britain #CardiffBlues #Castres #Clearmont #Dragos #Edinburgh #fixtures #Glasgow #GreatBritain #InvestecChampionsCup #irish #Leinster #london #Munster #News #Northampton #Ospreys #Perpignan #photos #racing #Results #Rugby #Saracens #Scarlets #Scotland #Sky #Sports #Toulouse #Treviso #UK #Ulster #Union #UnitedKingdom #Wasps
-
Dragos Platform 3.0 consolidates risk alerts and streamlines industrial cybersecurity https://www.helpnetsecurity.com/2025/09/23/dragos-platform-3-0/ #Industrynews #Dragos
-
Global OT cyber risk could top $329 billion, new report warns https://www.helpnetsecurity.com/2025/08/13/global-ot-cybersecurity-financial-risk/ #criticalinfrastructure #riskmanagement #cybersecurity #MarshMcLennan #Don'tmiss #cyberrisk #ICS/SCADA #Dragos #report #News
-
Global OT cyber risk could top $329 billion, new report warns https://www.helpnetsecurity.com/2025/08/13/global-ot-cybersecurity-financial-risk/ #criticalinfrastructure #riskmanagement #cybersecurity #MarshMcLennan #Don'tmiss #cyberrisk #ICS/SCADA #Dragos #report #News
-
Global OT cyber risk could top $329 billion, new report warns https://www.helpnetsecurity.com/2025/08/13/global-ot-cybersecurity-financial-risk/ #criticalinfrastructure #riskmanagement #cybersecurity #MarshMcLennan #Don'tmiss #cyberrisk #ICS/SCADA #Dragos #report #News
-
Global OT cyber risk could top $329 billion, new report warns https://www.helpnetsecurity.com/2025/08/13/global-ot-cybersecurity-financial-risk/ #criticalinfrastructure #riskmanagement #cybersecurity #MarshMcLennan #Don'tmiss #cyberrisk #ICS/SCADA #Dragos #report #News
-
DOE CESER-funded collaboration debuts V-INT cybersecurity tool to help energy utilities assess risk https://www.byteseu.com/1139576/ #AICybersecurity #Bastazo #Compliance #CyberVulnerabilities #Dragos #Energy #NetworkPerception #VINT
-
OT/ICS cyber threats escalate as geopolitical conflicts intensify https://www.helpnetsecurity.com/2025/02/28/dragos-2025-ot-ics-cybersecurity-report/ #criticalinfrastructure #ICS/SCADA #Dragos #report #News
-
Think OT security isn’t relevant to your operations? Think again! @hacks4pancakes busts common myths and highlights the importance of OT systems in various environments on this episode of the Breaking Badness Cybersecurity Podcast.
🎧 Listen to the full episode wherever you get podcasts:
Spotify: https://open.spotify.com/episode/5S8UINAbTA1XC4TvMZBBqT
YouTube: https://www.youtube.com/watch?v=S2f4MSQL7gg&ab_channel=DomainTools
-
🌐Securing Critical Infrastructure 🌐
Dive into the world of industrial control systems with @hacks4pancakes from @dragosinc. In this episode of the Breaking Badness Cybersecurity Podcast, discover the unique challenges and essential practices for securing our critical infrastructure. 🚧🔒
#CyberSecurity #IndustrialControlSystems #OTSecurity #Dragos
Listen wherever you get podcasts
Spotify: https://open.spotify.com/episode/5S8UINAbTA1XC4TvMZBBqT
YouTube: https://www.youtube.com/watch?v=S2f4MSQL7gg&ab_channel=DomainTools
-
First takeaway. The #SANS Five ICS Cybersecurity Critical Controls
While I think I had come across them before it was helpful to get a quick overview.
Different many other approaches to #Cybersecurity, they don't start with a focus of prevention.
The 5 critical controls are
- ICS-specific Incident Response Plan
- Defensible Architecture
- ICS Network Visibility and Monitoring
- Secure Remote Access
- Risk-based VulnerabilityManagement Program
ICS-specific Incident Response Plan
Identify the scenarios which apply to you according to your industry, setting, etc. Start with 2-3 high consequence Simulate the scenarios and test your incident response plans, identify and prioritize gaps.
Defensible Architecture
to enable humans to successfully defend your system. Asset management, isolation, segmentation based on risks identified in the scenarios above and to enable
ICS Network Visibility and Monitoring
Without this a root cause analysis is hard. And without identifying "the" root cause it's impossible to corrects problems (added benefit of identifying misconfigurations)
Secure Remote Access
Remote access is a reality in most OT systems.
A lot of incidents start by unsecure remote access, including the 3rd parties like suppliers and service providers. So getting this secured including MFA, is crucial.Risk-based Vulnerability
Management Program
Patch everything isn't general possible in an OT setting. Instead of trying and failing focus on the vulnerabilities which increase the risks identified before.
Find more information at
https://www.sans.org/white-papers/five-ics-cybersecurity-critical-controls/
or
https://www.dragos.com/blog/the-sans-ics-five-critical-controls-a-practical-framework-for-ot-cybersecurity/(Little shoutout to @dragosinc, while there is a registration form when downloading stuff from #Dragos, there is generally also a "skip" button to download without providing information. I love it)
-
Last week i had the opportunity to participate in de #Dragos Industrial Security Conference in Munich (#DISC)
AS the name suggests in was about #ICS/#OT #Cybersecurity
In this thread I would like to share some takeaways
(Not sure if @dragosinc is their official account)
-
Dragos acquires Network Perception to boost security in OT environments https://www.helpnetsecurity.com/2024/10/01/dragos-network-perception-acquisition/ #NetworkPerception #Industrynews #Dragos
-
Dragos Acquires Network Perception to Boost Visibility https://www.securityweek.com/dragos-acquires-network-perception-to-boost-visibility/ #networksecurity #Acquisition #M&ATracker #ICS/OT #Dragos #ICS #OT
-
Infosec products of the month: August 2024 https://www.helpnetsecurity.com/2024/09/02/infosec-products-of-the-month-august-2024/ #CequenceSecurity #ContrastSecurity #NucleusSecurity #AdaptiveShield #ClutchSecurity #WingSecurity #Resecurity #RightCrowd #ArmorCode #Bitwarden #ClearSale #EndorLabs #Fortanix #Fortinet #Rezonate #AppOmni #Elastic #Entrust #Guardio #Stellar #Wallarm #Dragos #Ivanti #McAfee #Rapid7 #News #HYCU #Veza #Own
-
Infosec products of the month: August 2024 https://www.helpnetsecurity.com/2024/09/02/infosec-products-of-the-month-august-2024/ #CequenceSecurity #ContrastSecurity #NucleusSecurity #AdaptiveShield #ClutchSecurity #WingSecurity #Resecurity #RightCrowd #ArmorCode #Bitwarden #ClearSale #EndorLabs #Fortanix #Fortinet #Rezonate #AppOmni #Elastic #Entrust #Guardio #Stellar #Wallarm #Dragos #Ivanti #McAfee #Rapid7 #News #HYCU #Veza #Own
-
Infosec products of the month: August 2024 https://www.helpnetsecurity.com/2024/09/02/infosec-products-of-the-month-august-2024/ #CequenceSecurity #ContrastSecurity #NucleusSecurity #AdaptiveShield #ClutchSecurity #WingSecurity #Resecurity #RightCrowd #ArmorCode #Bitwarden #ClearSale #EndorLabs #Fortanix #Fortinet #Rezonate #AppOmni #Elastic #Entrust #Guardio #Stellar #Wallarm #Dragos #Ivanti #McAfee #Rapid7 #News #HYCU #Veza #Own
-
Infosec products of the month: August 2024 https://www.helpnetsecurity.com/2024/09/02/infosec-products-of-the-month-august-2024/ #CequenceSecurity #ContrastSecurity #NucleusSecurity #AdaptiveShield #ClutchSecurity #WingSecurity #Resecurity #RightCrowd #ArmorCode #Bitwarden #ClearSale #EndorLabs #Fortanix #Fortinet #Rezonate #AppOmni #Elastic #Entrust #Guardio #Stellar #Wallarm #Dragos #Ivanti #McAfee #Rapid7 #News #HYCU #Veza #Own
-
New infosec products of the week: August 30, 2024 https://www.helpnetsecurity.com/2024/08/30/new-infosec-products-of-the-week-august-30-2024/ #Bitwarden #Fortinet #Rezonate #Dragos #News #HYCU
-
New infosec products of the week: August 30, 2024 https://www.helpnetsecurity.com/2024/08/30/new-infosec-products-of-the-week-august-30-2024/ #Bitwarden #Fortinet #Rezonate #Dragos #News #HYCU
-
New infosec products of the week: August 30, 2024 https://www.helpnetsecurity.com/2024/08/30/new-infosec-products-of-the-week-august-30-2024/ #Bitwarden #Fortinet #Rezonate #Dragos #News #HYCU
-
Dragos Platform updates streamline OT threat and vulnerability workflows https://www.helpnetsecurity.com/2024/08/28/dragos-platform/ #Industrynews #Dragos
-
Ransomware Attacks on Industrial Firms Surged in Q2 2024 https://www.securityweek.com/ransomware-attacks-on-industrial-firms-surged-in-q2-2024/ #ransomware #ICS/OT #Dragos #ICS
-
Ransomware Attacks on Industrial Firms Surged in Q2 2024 https://www.securityweek.com/ransomware-attacks-on-industrial-firms-surged-in-q2-2024/ #ransomware #ICS/OT #Dragos #ICS
-
How ICS malware sabotaged heating in Ukraine - #Dragos FrostyGoop ICS Malware Intelligence Brief covering the recent cybersecurity incident affecting the energy sector.
In our report, we cover the OT cybersecurity weaknesses exploited by cyber adversaries and offer actionable insights on how to protect against the threat. Get the intel brief today! https://hubs.la/Q02HBYNT0 (you can skip the registration)
Don’t miss our upcoming webinar for a deeper dive – register now! https://hubs.la/Q02HBWV80
-
New ICS Malware 'FrostyGoop' Targeting Critical Infrastructure
Date: July 23, 2024
CVE: N/A
Vulnerability Type: Exploitation of Modbus TCP communication
CWE: [[CWE-668]], [[CWE-20]], [[CWE-74]]
Sources: The Hacker News, Yahoo News, DragosSynopsis
FrostyGoop is a newly identified malware designed to target Industrial Control Systems (ICS) by exploiting Modbus TCP communication protocols. This malware caused significant disruption to critical infrastructure in Lviv, Ukraine, earlier this year.
Issue Summary
In January 2024, FrostyGoop malware targeted an energy company in Lviv, resulting in a 48-hour loss of heating services to over 600 apartment buildings. This malware interacts directly with ICS devices using Modbus TCP over port 502, making it a serious threat to critical infrastructure.
Technical Key Findings
FrostyGoop, written in Golang, can read and write to ICS device registers and uses JSON-formatted configuration files to target specific IP addresses and Modbus commands. Initial access was likely gained through a vulnerability in Mikrotik routers.
Vulnerable Products
ENCO controllers with TCP port 502 exposed and ICS devices using Modbus TCP are particularly vulnerable to this malware.
Impact Assessment
The malware's ability to manipulate ICS devices can lead to significant operational disruptions, inaccurate system measurements, and potential safety hazards, affecting public safety and industrial operations.
Patches or Workarounds
Currently, there are no specific patches available for FrostyGoop.
#FrostyGoop #ICS #ModbusTCP #CriticalInfrastructure #CyberAttack #EnergySector #Ukraine #Dragos #IndustrialControlSystems #Golang #MikrotikVulnerability
-
New ICS Malware 'FrostyGoop' Targeting Critical Infrastructure
Date: July 23, 2024
CVE: N/A
Vulnerability Type: Exploitation of Modbus TCP communication
CWE: [[CWE-668]], [[CWE-20]], [[CWE-74]]
Sources: The Hacker News, Yahoo News, DragosSynopsis
FrostyGoop is a newly identified malware designed to target Industrial Control Systems (ICS) by exploiting Modbus TCP communication protocols. This malware caused significant disruption to critical infrastructure in Lviv, Ukraine, earlier this year.
Issue Summary
In January 2024, FrostyGoop malware targeted an energy company in Lviv, resulting in a 48-hour loss of heating services to over 600 apartment buildings. This malware interacts directly with ICS devices using Modbus TCP over port 502, making it a serious threat to critical infrastructure.
Technical Key Findings
FrostyGoop, written in Golang, can read and write to ICS device registers and uses JSON-formatted configuration files to target specific IP addresses and Modbus commands. Initial access was likely gained through a vulnerability in Mikrotik routers.
Vulnerable Products
ENCO controllers with TCP port 502 exposed and ICS devices using Modbus TCP are particularly vulnerable to this malware.
Impact Assessment
The malware's ability to manipulate ICS devices can lead to significant operational disruptions, inaccurate system measurements, and potential safety hazards, affecting public safety and industrial operations.
Patches or Workarounds
Currently, there are no specific patches available for FrostyGoop.
#FrostyGoop #ICS #ModbusTCP #CriticalInfrastructure #CyberAttack #EnergySector #Ukraine #Dragos #IndustrialControlSystems #Golang #MikrotikVulnerability
-
New ICS Malware 'FrostyGoop' Targeting Critical Infrastructure
Date: July 23, 2024
CVE: N/A
Vulnerability Type: Exploitation of Modbus TCP communication
CWE: [[CWE-668]], [[CWE-20]], [[CWE-74]]
Sources: The Hacker News, Yahoo News, DragosSynopsis
FrostyGoop is a newly identified malware designed to target Industrial Control Systems (ICS) by exploiting Modbus TCP communication protocols. This malware caused significant disruption to critical infrastructure in Lviv, Ukraine, earlier this year.
Issue Summary
In January 2024, FrostyGoop malware targeted an energy company in Lviv, resulting in a 48-hour loss of heating services to over 600 apartment buildings. This malware interacts directly with ICS devices using Modbus TCP over port 502, making it a serious threat to critical infrastructure.
Technical Key Findings
FrostyGoop, written in Golang, can read and write to ICS device registers and uses JSON-formatted configuration files to target specific IP addresses and Modbus commands. Initial access was likely gained through a vulnerability in Mikrotik routers.
Vulnerable Products
ENCO controllers with TCP port 502 exposed and ICS devices using Modbus TCP are particularly vulnerable to this malware.
Impact Assessment
The malware's ability to manipulate ICS devices can lead to significant operational disruptions, inaccurate system measurements, and potential safety hazards, affecting public safety and industrial operations.
Patches or Workarounds
Currently, there are no specific patches available for FrostyGoop.
#FrostyGoop #ICS #ModbusTCP #CriticalInfrastructure #CyberAttack #EnergySector #Ukraine #Dragos #IndustrialControlSystems #Golang #MikrotikVulnerability
-
New ICS Malware 'FrostyGoop' Targeting Critical Infrastructure
Date: July 23, 2024
CVE: N/A
Vulnerability Type: Exploitation of Modbus TCP communication
CWE: [[CWE-668]], [[CWE-20]], [[CWE-74]]
Sources: The Hacker News, Yahoo News, DragosSynopsis
FrostyGoop is a newly identified malware designed to target Industrial Control Systems (ICS) by exploiting Modbus TCP communication protocols. This malware caused significant disruption to critical infrastructure in Lviv, Ukraine, earlier this year.
Issue Summary
In January 2024, FrostyGoop malware targeted an energy company in Lviv, resulting in a 48-hour loss of heating services to over 600 apartment buildings. This malware interacts directly with ICS devices using Modbus TCP over port 502, making it a serious threat to critical infrastructure.
Technical Key Findings
FrostyGoop, written in Golang, can read and write to ICS device registers and uses JSON-formatted configuration files to target specific IP addresses and Modbus commands. Initial access was likely gained through a vulnerability in Mikrotik routers.
Vulnerable Products
ENCO controllers with TCP port 502 exposed and ICS devices using Modbus TCP are particularly vulnerable to this malware.
Impact Assessment
The malware's ability to manipulate ICS devices can lead to significant operational disruptions, inaccurate system measurements, and potential safety hazards, affecting public safety and industrial operations.
Patches or Workarounds
Currently, there are no specific patches available for FrostyGoop.
#FrostyGoop #ICS #ModbusTCP #CriticalInfrastructure #CyberAttack #EnergySector #Ukraine #Dragos #IndustrialControlSystems #Golang #MikrotikVulnerability
-
New ICS Malware 'FrostyGoop' Targeting Critical Infrastructure
Date: July 23, 2024
CVE: N/A
Vulnerability Type: Exploitation of Modbus TCP communication
CWE: [[CWE-668]], [[CWE-20]], [[CWE-74]]
Sources: The Hacker News, Yahoo News, DragosSynopsis
FrostyGoop is a newly identified malware designed to target Industrial Control Systems (ICS) by exploiting Modbus TCP communication protocols. This malware caused significant disruption to critical infrastructure in Lviv, Ukraine, earlier this year.
Issue Summary
In January 2024, FrostyGoop malware targeted an energy company in Lviv, resulting in a 48-hour loss of heating services to over 600 apartment buildings. This malware interacts directly with ICS devices using Modbus TCP over port 502, making it a serious threat to critical infrastructure.
Technical Key Findings
FrostyGoop, written in Golang, can read and write to ICS device registers and uses JSON-formatted configuration files to target specific IP addresses and Modbus commands. Initial access was likely gained through a vulnerability in Mikrotik routers.
Vulnerable Products
ENCO controllers with TCP port 502 exposed and ICS devices using Modbus TCP are particularly vulnerable to this malware.
Impact Assessment
The malware's ability to manipulate ICS devices can lead to significant operational disruptions, inaccurate system measurements, and potential safety hazards, affecting public safety and industrial operations.
Patches or Workarounds
Currently, there are no specific patches available for FrostyGoop.
#FrostyGoop #ICS #ModbusTCP #CriticalInfrastructure #CyberAttack #EnergySector #Ukraine #Dragos #IndustrialControlSystems #Golang #MikrotikVulnerability
-
Swimlane partners with Dragos to automate threat detection across both IT and OT environments https://www.helpnetsecurity.com/2024/03/26/swimlane-dragos-partnership/ #Industrynews #Swimlane #Dragos
-
Dragos Offering Free OT Cybersecurity Technology to Small US Utilities https://www.securityweek.com/dragos-offering-free-ot-cybersecurity-technology-to-small-us-utilities/ #ICS/OT #Dragos #ICS #OT
-
Dragos, an industrial cybersecurity services provider, was listed on the ALPHV ransomware gang’s leak site, quoting a third-party breach.
#ALPHV #Dragos #cybersecurity #ransomware #infosec -
"#RansomedVC claimed that (1) #RobLee of #Dragos somehow cheated someone called “fooble,” and as a result, (2) RansomedVC was going to #leak files that Lee had allegedly bought to try to woo #ColonialPipeline away from Accenture and to Dragos."
https://www.databreaches.net/colonial-pipeline-was-hacked-no-wait-accenture-was-hacked-no-wait-untangling-claims/ -
"#RansomedVC claimed that (1) #RobLee of #Dragos somehow cheated someone called “fooble,” and as a result, (2) RansomedVC was going to #leak files that Lee had allegedly bought to try to woo #ColonialPipeline away from Accenture and to Dragos."
https://www.databreaches.net/colonial-pipeline-was-hacked-no-wait-accenture-was-hacked-no-wait-untangling-claims/ -
"#RansomedVC claimed that (1) #RobLee of #Dragos somehow cheated someone called “fooble,” and as a result, (2) RansomedVC was going to #leak files that Lee had allegedly bought to try to woo #ColonialPipeline away from Accenture and to Dragos."
https://www.databreaches.net/colonial-pipeline-was-hacked-no-wait-accenture-was-hacked-no-wait-untangling-claims/ -
"#RansomedVC claimed that (1) #RobLee of #Dragos somehow cheated someone called “fooble,” and as a result, (2) RansomedVC was going to #leak files that Lee had allegedly bought to try to woo #ColonialPipeline away from Accenture and to Dragos."
https://www.databreaches.net/colonial-pipeline-was-hacked-no-wait-accenture-was-hacked-no-wait-untangling-claims/ -
"#RansomedVC claimed that (1) #RobLee of #Dragos somehow cheated someone called “fooble,” and as a result, (2) RansomedVC was going to #leak files that Lee had allegedly bought to try to woo #ColonialPipeline away from Accenture and to Dragos."
https://www.databreaches.net/colonial-pipeline-was-hacked-no-wait-accenture-was-hacked-no-wait-untangling-claims/ -
New post from #Ransomed : #RobLee [#Dragos] Evidence
"Threat actor Rob Lee has failed to cooperate with the demands made by us, including an admission of guilt & wrongdoing, and an immediate resignation. Therefore, we must expose Rob Lee for who he is – a threat actor working under the guise of a powerful executive..."
#Ransomware
https://www.ransomlook.io/screenshots/ransomed/Rob%20Lee%20Evidence%20:%20Sneak%20Peek.png