Agilicus’ unnoficial motto. We learn something, we do it, we teach others. Our blog contains updates on our progress.
Recently Palo Alto announced a 10.0 CVE in the Global Protect feature of their PAN-OS firewall. “Unauthenticated attacker [can] execute arbitrary code with root privileges on the firewall”. Well, that is not good. But, how “not good” is it? It’s terrifyingly bad ungood in fact.
CISA this week issued a Fact Sheet 8 Top Cyber Actions for Securing Water Systems giving a set of “do it now” practical actions for securing water and wastewater systems. Let’s talk about ‘Exposure’ to the Public-Facing Internet
Cisco ASA AnyConnect and WebVPN added to CISA Known Exploits. Do you have one running on autopilot in your plant somewhere? Maybe between the IT and OT network? Maybe running the DMZ?
Multiple Internet connections can create inbound connectivity issues for remote industrial connectivity. The Multiple Connections Inbound Access Challenge.
Another day, another VPN letting the world in to snoop around and fondle your crown jewels: Fortinet edition.
The Netherlands ministry of defence just published the cliff-hanger document TLP:CLEAR MIVD AIVD Advisory COATHANGER regarding a remote access attack of their Fortinet FortiGate VPN by “a state-sponsored actor from the People’s Republic of China”. CVE-2022-42475 was the weakness. One thing that is unusual about the report is the direct attribution: this is rare.
Let me show you a very simple means of Open Source Intelligence (OSINT) on yourself. If I can do this, anyone can do this, and if anyone can do this, someone bad can do this.
A group named Cyber Av3ngers affiliated with the IRGC targetting, modifying the HMI of publuc water systems. Today the individuals are sanctioned under anti-terrorism executive order.
VPNs in Industrial Environments: Old Yeller. It was a faithful friend for years, and now its time to shoot it before it bites you.
ED 24-01 directs agencies to instantly remove Ivanti Industrial VPN from industrial operations. Defence In Depth, Zero Trust give you more time to react.
Cyber Army of Russia Targeting US water facilities. Zero Trust Cybersecurity for VNC to prevent.
Smoke Stacks to Smartscapes. Past, Present, Future, the evolution in-place of the industrial control system, and the airgrap that once protected it.
The “John Deere Business Model” of taking something traditional and making it subscription. Starlink and its complex remote access needs due to CGNAT. And, cybersecurity, notably Cyber Physical Systems with their scary downsides of being able to move and cause damage.
One thing all industrial control installations have in common, they straddle the complexity of modern information technology with the dangers of operational technology and its inherent control of things which can go bump and boom. Hard Industrial Cybersecurity
Agilicus AnyX supports personalising the sign-in and usage environment to match your corporate brand. This is more than just asthethic: a consistent look and feel helps train users to reduce the likelihood of a successful spear-phishing attack.
Exploitation of Unitronics PLCs used in Public Water Systems for political purposes. Recommendations.
Attainable Municipal Zero Trust: Key insights from recent Zero Trust implementations by Municipalities. Why, How, What ROI, Lead use cases.
This blog post explores the challenges of securing remote access to SCADA systems and how Zero Trust can act as a solution.
In this blog post, we’ll dive into the Zero Trust vs. VPN security model differences and why the former is ultimately the far superior choice for secure, seamless remote access.
In this blog post, we’ll delve into the challenges of enabling SSH for remote access and how you can do so without compromising security through Zero Trust.
In this post, we’ll explore the limitations of VPNs and delve into how to enable VPN-less Rockwell Automation remote PLC access.
CISA has announced a free (as in beer) service to scan water systems for vulnerabilities. Agilicus has used this scan for a year, receiving weekly reports.
I’ll be back. Iconic line foreshadows rise of cyber-physical-systems. Terminator trifecta of physical machines, artificial intelligence, cyber-security awry.
Split Horizon VPN’s are used to avoid breaking video conferencing. They are unsafe. See paper for route injection issues.
Who are you? Identity involves knowing who you are, and then later proving it. NIST sp 800-63A enrollment is the first step, let’s talk about that!
We’ll help you understand the benefits of BYOD and the robust, secure support Agilicus AnyX offers so you are equipped with everything you need to allow it.
Agilicus AnyX allows for auto-creating users that simplifies the process and enhances efficiency. We’ll help you understand the benefits & use cases.
We’ll help you understand the benefits of assigning role-based permissions using groups in Agilicus AnyX and the advantages of this approach.
We’ll help you explore the importance of audits in diagnosing user issues and how using them in Agilicus AnyX empowers admins to resolve problems efficiently.
You have two different choices for how to enable a Desktop resource for your users: VNC and RDP. We’ll help you determine which one is right for you.