Quick QuotesFeb 4

“Behold the Power of the peanut. His body mass may be small, but his influence is mighty. The last holdout in the Tower has officially fallen to him. (Said by Pia about the effect her son 'peanut' had on the Sentinel Aryal).”
― Thea Harrison

#Bot #Quote #Aryal #Children #Dragos #Funny #Pia

~w00p~Jan 29

#dragos published an excellent report on the cyberattack on the Polish grid last December.
While the Spanish blackout is often cited as example in blog posts or articles, it is central to understand that both grids are completely different, in power generation sources and connectivity. As Dragos wrote:

"Grid vulnerability to disruptions depends heavily on the generation mix and system inertia. Poland generates over 50 percent of its energy from coal or lignite-fired power plants, providing significant inertia that helps stabilize grid frequency. Wind and solar make up approximately 25 percent of capacity. Grids with higher renewable penetration and less inertia, common in regions aggressively pursuing decarbonization, may be more susceptible to the cascading effects of
coordinated DER disruption."

"This attack was unlikely to cause a nationwide blackout in Poland under current conditions. Strong AC interconnection with neighboring countries and spinning thermal generation would have allowed the system to absorb the disruption, though localized outages could have
occurred."

"Treating remote access as an operational convenience rather than critical infrastructure is no longer viable for DER operators."

https://www.dragos.com/blog/poland-power-grid-attack-electrum-targets-distributed-energy-2025

Spain was reckless in how they managed their grid and they got burned.
Soon (February?) the final report on the Iberian blackout will be published.

Poland Power Grid Attack Targets Distributed Energy Facilities

Inside the Poland electrical grid attack: Dragos reveals ELECTRUM's methods, distributed energy RTU targeting, and OT security lessons for protecting power systems.

a f a s i aJan 23

#Dragos Toaca https://ift.tt/a8fN4Zw | posted by afasia | daily entries on contemporary art and architecture #afasiaarchzine #afasiaarq |

#architecture #arquitectura #design

Savasom Journal . EURO0C . St. Gallen Dragos Toaca . Savasom Journal Colle…

BreakingBadnessJan 27, 2025

Think OT security isn’t relevant to your operations? Think again! @hacks4pancakes busts common myths and highlights the importance of OT systems in various environments on this episode of the Breaking Badness Cybersecurity Podcast.

🎧 Listen to the full episode wherever you get podcasts:

Apple: https://podcasts.apple.com/us/podcast/industrial-cybersecurity-explained-with-lesley-carhart/id1456143419?i=1000668351711

Spotify: https://open.spotify.com/episode/5S8UINAbTA1XC4TvMZBBqT

YouTube: https://www.youtube.com/watch?v=S2f4MSQL7gg&ab_channel=DomainTools

#MythBusting #OTSecurity #IndustrialCybersecurity #Dragos

Industrial Cybersecurity Explained with Lesley Carhart

Podcast Episode · Breaking Badness · 09/04/2024 · 25m

Apple Podcasts
Laura LokkieJan 15, 2025

These last days i've been watching on youtube many videos of this comedian guy and he really is saving me from sinking and overthinking.

I also saw him without the ponytail and now i'm convinced he's the secret eastern european son of Fabio Lione XD

https://www.youtube.com/watch?v=kOXjlSvFkj4

#comedy #dragos #romania #humor

German vs Spanish by Romanian

YouTube
BreakingBadnessJan 14, 2025

🌐Securing Critical Infrastructure 🌐

Dive into the world of industrial control systems with @hacks4pancakes from @dragosinc. In this episode of the Breaking Badness Cybersecurity Podcast, discover the unique challenges and essential practices for securing our critical infrastructure. 🚧🔒

#CyberSecurity #IndustrialControlSystems #OTSecurity #Dragos

Listen wherever you get podcasts

Apple: https://podcasts.apple.com/us/podcast/industrial-cybersecurity-explained-with-lesley-carhart/id1456143419?i=1000668351711

Spotify: https://open.spotify.com/episode/5S8UINAbTA1XC4TvMZBBqT

YouTube: https://www.youtube.com/watch?v=S2f4MSQL7gg&ab_channel=DomainTools

Industrial Cybersecurity Explained with Lesley Carhart

Podcast Episode · Breaking Badness · 09/04/2024 · 25m

Apple Podcasts
Show threadClaudius LinkNov 29, 2024

@dragosinc

First takeaway. The #SANS Five ICS Cybersecurity Critical Controls

While I think I had come across them before it was helpful to get a quick overview.

Different many other approaches to #Cybersecurity, they don't start with a focus of prevention.

The 5 critical controls are

  • ICS-specific Incident Response Plan
  • Defensible Architecture
  • ICS Network Visibility and Monitoring
  • Secure Remote Access
  • Risk-based VulnerabilityManagement Program

    • ICS-specific Incident Response Plan

    Identify the scenarios which apply to you according to your industry, setting, etc. Start with 2-3 high consequence Simulate the scenarios and test your incident response plans, identify and prioritize gaps.

    Defensible Architecture

    to enable humans to successfully defend your system. Asset management, isolation, segmentation based on risks identified in the scenarios above and to enable

    ICS Network Visibility and Monitoring

    Without this a root cause analysis is hard. And without identifying "the" root cause it's impossible to corrects problems (added benefit of identifying misconfigurations)

    Secure Remote Access

    Remote access is a reality in most OT systems.
    A lot of incidents start by unsecure remote access, including the 3rd parties like suppliers and service providers. So getting this secured including MFA, is crucial.

    Risk-based Vulnerability

    Management Program

    Patch everything isn't general possible in an OT setting. Instead of trying and failing focus on the vulnerabilities which increase the risks identified before.

    Find more information at
    https://www.sans.org/white-papers/five-ics-cybersecurity-critical-controls/
    or
    https://www.dragos.com/blog/the-sans-ics-five-critical-controls-a-practical-framework-for-ot-cybersecurity/

    (Little shoutout to @dragosinc, while there is a registration form when downloading stuff from #Dragos, there is generally also a "skip" button to download without providing information. I love it)

    The Five ICS Cybersecurity Critical Controls

    This paper sets forth the five most relevant critical controls for an ICS/OT cybersecurity strategy that can flex to an organization's risk model, and provides guidance for implementing them.

    Claudius LinkNov 29, 2024

    Last week i had the opportunity to participate in de #Dragos Industrial Security Conference in Munich (#DISC)

    AS the name suggests in was about #ICS/#OT #Cybersecurity

    In this thread I would like to share some takeaways

    (Not sure if @dragosinc is their official account)

    Alternativa nerdOct 25, 2024
    Revelado Novo Gameplay de Vampire Dynasty para o Indie Horror Showcase 2024 #caçadoresdevampiros #combate #dragos #fantasiasombria #históriaramificada #indiehorrorshowcase #influênciasobrenatural #jogodeaçãoeaventura #lançamento2025 #magianegra #mehumangames #mundoaberto #pc #poderesmíticos #sangavia #toplitzproductions #trailer #vampiredynasty #vampiro https://alternativanerd.com.br/games/revelado-novo-gameplay-de-vampire-dynasty-para-o-indie-horror-showcase-2024
    Revelado Novo Gameplay de Vampire Dynasty para o Indie Horror Showcase 2024

    A Mehuman Games e a Toplitz Productions revelaram um novo trailer de gameplay para Vampire Dynasty, durante o Indie Horror Showcase 2024.

    Alternativa Nerd
    JMSOct 24, 2024

    Dragos

    El drago posee un alto valor simbólico y cultural en las islas Canarias, teniendo también un gran atractivo como planta ornamental.

    #dragos #plamtaornamental #valorsimbolico #saviaroja #dracaenadraco #JMS

    https://descubre-curiosidades.blogspot.com/2024/10/drago-simbolo-canarias.html

    Dragos

    El drago posee un alto valor simbólico y cultural en las islas Canarias