Water/wastewater facilities are going through a revolution with technology becoming engrained in critical infrastructure operations. Learn how to safely allow remote access to your critical infrastructure.| Agilicus
For years, the security model for water systems has been the air gap—a mythical wall where everything inside is trusted and everything outside is not. The problem? That air gap already has a bunch of holes in it, and Industry 4.0 is making more.| Agilicus
Alright, let’s have a chat. There’s a concept that has been kicking around the tech world since the days of dial-up and digital dinosaurs, but it’s more important now than ever. It’s the trio of Authentication, Authorisation, and Access: “AAA” if you’re into the whole brevity thing. Too many people think that once you’ve logged into a system, you’ve got the keys to the entire kingdom. But that’s like thinking that because you have a ticket to the cinema, you’re also allo...| Agilicus
So, you’ve found yourself in a bit of a pickle. Picture this: you’re running a critical bit of infrastructure, maybe a wastewater treatment plant, a place where the smooth flow of data is almost as important as the smooth flow of… well, you know. You’ve got your remote sites all chatting happily with the main plant, sharing all that lovely SCADA goodness. Once upon a time, you might have done this with a trusty 900-MHz radio system, a real workhorse. But then, the airwaves got as crow...| Agilicus
In a previous discussion, I drew parallels between inevitable changes and the world of industrial control systems, suggesting that secure remote access is no longer a question of if, but how. Today, I want to expand on the how, exploring the different methods organisations use to provide remote access to their critical industrial environments. There are four main approaches we see in the field, each with its own set of benefits and drawbacks. Let’s delve into what they are, how they work, a...| Agilicus
For decades, industrial security relied on the "air gap." But like a frog in slowly boiling water, we've missed the gradual erosion of this protection. Today, that gap is more like Swiss cheese, full of holes for vendor access and cloud connectivity. It's time to adapt to this new reality.| Agilicus
In an era where artificial intelligence dominates headlines, its impact extends far beyond futuristic applications into the realm of cyber warfare, profoundly reshaping the threat landscape for critical infrastructure. Recently, I hosted a webinar exploring how AI amplifies cyber risks, making attackers more effective and critical assets more vulnerable. The core message? While AI may not introduce entirely new vulnerabilities in the short term, it significantly enhances the efficiency and re...| Agilicus
In our digital world, trust is everything. When you visit your bank’s website and see the padlock icon, you’re relying on a system of trust to ensure your connection is secure and you’re not talking to an imposter. This system is built on digital certificates, the cryptographic passports of the internet. But what happens when that trust is broken? And more importantly, how do you verify that trust in a network that is deliberately cut off from the outside world? This is the peculiar and...| Agilicus
AI: You don't need to outrun the bear (the most sophisticated attacker in the world); you just need to outrun your neighbour. Let's make sure you're not the slowest hiker in the woods.| Agilicus
Zero-Trust for Critical Infrastructure and Industrial Control Systems. Give any user, on any device, secure access to any resource they need—without a client or VPN.| Agilicus
Government agencies are publishing cyber advice. Each notice is individually full of good facts and advice, but collectively, they are creating indecision: what do I do first? when? how? With what budget? Today we will talk about how to interpret, how to implement, economically, without disruption.| Agilicus
Cyber Army of Russia Targeting US water facilities. Zero Trust Cybersecurity for VNC to prevent.| Agilicus
A recently disclosed security flaw impacting Apache Tomcat is actively exploited in the wild following the release of a public proof-of-concept just thirty hours after public disclosure. CVE-2025-24813 is (for a short while) the attackers’ new best friend, since authentication is not required to pull off an attack. Tomcat is an infrastructure component: it’s embedded in something else you own and run. As such, it might not be on your radar. After all, you bought and paid for Biggus Software I...| Agilicus
“Medusa ransomware gang has infected more than 300 organizations in critical infrastructure sectors such as the medical, manufacturing and technology industries” is not the sort of news you want to hear. Nonetheless, facts are facts. And the facts are not that great for team blue. Medusa gets in via some unpatched CVE, often your firewall or VPN, or sometimes your monitoring tools (e.g. SolarWinds). Medusa uses “Living off the Land” techniques, meaning, it uses the same tools you do. T...| Agilicus
Asymmetric warfare: Big governments attack little governments. Attackers need to be right once, defenders need to be right 24x7x365. Municipalities continue to be a target.| Agilicus
Asymmetric Cost Espionage: A Chinese Advanced Persistent Threat actor used CVE-2024-24919 (a vulnerability in Check Point VPN) to gain ongoing access into operational technology networks.| Agilicus
CityWorks by Trimble is a commonly used GIS system. And, it is commonly either self-hosted, or, hosted by a set of individual partners, running as a virtual host within Microsoft IIS. A newly issued alert from CISA, and a note from Trimble, indicate that CVE-2025-0994 is being actively exploited (a Known Exploited Vulnerability) as an 8.6. How do you read an 8.6? Well, roughly the same way you would read an earthquake. Versions prior to January 29th, 2025 are vulnerable. Trimble has released ...| Agilicus
Agilicus will once again be exhibiting at Texas Water 2025, taking place March 18-21 in Houston, Texas at the George R. Brown Convention Center.| Agilicus
FTC orders GoDaddy to improve security, marking an expansion in supply chain hardening tactics of government regulators.| Agilicus
Put the Avalanche of Advice Into Action: Wastewater plants face escalating cyber threats. Prioritise strong user identities with single sign-on and multi-factor authentication, abandon the outdated "air gap" concept, and embrace a practical zero-trust approach.| Agilicus
Last week's hyper-critical NGFW vulnerability is this week's embedded operational technology challenge due to nested risk and supply chain.| Agilicus
Recently Palo Alto announced a 10.0 CVE in the Global Protect feature of their PAN-OS firewall. "Unauthenticated attacker [can] execute arbitrary code with root privileges on the firewall". Well, that is not good. But, how "not good" is it? It's terrifyingly bad ungood in fact.| Agilicus
CISA this week issued a Fact Sheet, 8 Top Cyber Actions for Securing Water Systems, giving a set of "do it now" practical actions for securing water and wastewater systems. Let's talk about 'Exposure' to the Public-Facing Internet.| Agilicus