Threat Research

Securing Water Critical Infrastructure: Detecting a Life-Threatening Attack, Part 2

In part 1 of our two-part series on securing water critical infrastructure (CI), we described how a water treatment plant's operational technology (OT) security team quickly detected, located, and shut down contaminated water pipes during a potential chemical attack on the plant's water. In part 2, we describe how the security team can easily create correlated rules that alert on an attack at one of the plant's remote locations.

Detecting Drupalgeddon 2.0

Despite a patch being released for the recent Drupal vulnerability, entities are still feeling its impacts. In this post, we’ll review what is known about Drupalgeddon and present detection methods.

Take a Deep Dive into PlugX Malware

Although several variants have appeared over the years, an analysis of the timeline of the variants discussed shows that the "original" PlugX variant is still in use today.
