Unser Artikel ist online 🎉

Ransomware-Angriffe: Wie Unternehmen ihre Produktion trotz IT-Totalausfall sichern

Wenn Ransomware Unternehmen trifft, fällt häufig die gesamte IT für mehrere Wochen aus. Durch die enge Verzahnung mit der OT beeinträchtigt das oft auch den Produktionsbetrieb. Eine Analyse der Kernprozesse und gut geplante Fallback-Maßnahmen sichern den laufenden Betrieb und vermeiden hohe Ausfallkosten

https://www.itsicherheit-online.com/downloads/it-sicherheit-5-2025-schwerpunkt-it-sa-2025/

#Resilienz #OT #Produktion #KRITIS #Ransomware #InfoSec

Malcolm v25.09.0 includes new features and available customizations, improvements to Threat Intelligence, component version updates, and several important bug fixes.

https://github.com/idaholab/Malcolm/compare/v25.08.1...v25.09.0

• ✨ Features and enhancements
  • improve Modbus register tracking with new modbus_detailed.log (cisagov/Malcolm#762)
  • add non-LVM option(s) for Malcolm/Hedgehog Linux ISO installers (cisagov/Malcolm#725)
  • allow configuring default search time frame for OpenSearch Dashboards (cisagov/Malcolm#724)
  • allow customizing maximum upload file size (cisagov/Malcolm#769)
  • add Arkime capture statistics to the Packet Capture Statistics dashboard (cisagov/Malcolm#703)
  • integrate Validated Architecture Design Review (VADR) dashboards (cisagov/Malcolm#780)
  • Threat Intelligence improvements
    • support Google Threat Intelligence feed for building Zeek intel source (cisagov/Malcolm#758)
    • renamed Zeek Intelligence dashboard to Threat Intelligence and improved it
    • links from context menu items in Arkime and Dashboards (like reference URLs for IOCs) now ask the user before navigating to external sites
  • Added icons with links to "ready" and "ingest statistics" APIs to landing page
  • Include tx-rx-secure.sh in files packaged by malcolm_appliance_packager.sh
• ✅ Component version updates
  • Arkime to v5.8.0
  • NetBox to v4.3.7
  • yq to v4.47.2
  • Fluent Bit to v4.0.10
• 🐛 Bug fixes
  • Python code handling X-Forwarded- headers should do case insensitive lookup (cisagov/Malcolm#764)
  • uploaded PCAPs that result in no filename-derived tags erroneously end up with internal tags on them (cisagov/Malcolm#774)
  • installer option for encrypted storage are not marking secondary data/artifact storage for encryption (cisagov/Malcolm#779)
  • Malcolm/Hedgehog Linux ISO-installed environments' auditd service fails to start (cisagov/Malcolm#761)
  • Failed shard query error on Overview dashboard (cisagov/Malcolm#754)
• 🧹 Code and project maintenance
  • refactor GitHub build actions for Malcolm Docker images to reduce duplication (cisagov/Malcolm#717)
• 📄 Configuration changes (in environment variables in ./config/) for Malcolm and in control_vars.conf for Hedgehog Linux. The Malcolm control script (e.g., ./scripts/status, ./scripts/start, etc.) should take care of creating new variables and migrating existing ones as needed based on the rules in ./config/env-var-actions.yml.
  • Malcolm
    • PCAP_UPLOAD_MAX_FILE_GB added to upload-common.env to allow configuring maximum PCAP upload size (cisagov/Malcolm#769)
    • DASHBOARDS_TIMEPICKER_FROM and DASHBOARDS_TIMEPICKER_TO added to dashboards-helper.env to allow configuring default search time frame for OpenSearch Dashboards (cisagov/Malcolm#724)

Malcolm is a powerful, easily deployable network 🖧 traffic analysis tool suite for network security monitoring 🕵🏻‍♀️.

Malcolm operates as a cluster of containers 📦, isolated sandboxes which each serve a dedicated function of the system. This makes Malcolm deployable with frameworks like Docker 🐋, Podman 🦭, and Kubernetes ⎈. Check out the Quick Start guide for examples on how to get up and running.

Alternatively, dedicated official ISO installer images 💿 for Malcolm and Hedgehog Linux 🦔 can be downloaded from Malcolm's releases page on GitHub. Due to limits on individual files in GitHub releases, these ISO files have been split 🪓 into 2GB chunks and can be reassembled with scripts provided for both Bash 🐧 (release_cleaver.sh) and PowerShell 🪟 (release_cleaver.ps1). See Downloading Malcolm - Installer ISOs for instructions.

As always, join us on the Malcolm discussions board 💬 to engage with the community, or pop some corn 🍿 and watch a video 📼.

#Malcolm #HedgehogLinux #Zeek #Arkime #NetBox #OpenSearch #Elasticsearch #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #icssecurity #CyberSecurity #Cyber #Infosec #INL

#OT #Advisory VDE-2025-087
WAGO: Vulnerabilities in Device Sphere and Solution Builder

Due to a missing authentication check, the WAGO Solution Builder and the WAGO Device Sphere are vulnerable to a potential information exposure.
#CVE CVE-2025-41715, CVE-2025-41716

https://certvde.com/en/advisories/VDE-2025-087/

#CSAF https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-087.json

🧰 Hunt kit. Assessment kit. DCO kit. Flyaway kit. SOC in a Box. Expeditionary kit. Mobile Air Cyber Kit. Regardless of the name, we understand that those responsible for securing #OT and the broader cyber physical system footprint have a mission that requires agility, expediency, and of course tools with requisite OT- and broader CPS-specific protocol, configuration and communications expertise.

Claroty's offering is truly unmatched in offering comprehensive protection for #federal OT and CPS environments – and on the fly. 📄 Download this Solution Overview to see some of the key differentiators that make The Claroty Platform the clear choice for protecting #FederalOT and CPS networks. https://claroty.com/resources/datasheets/enabling-rapid-and-portable-ot-and-cps-security-for-dod-and-civilian-agility

La mandanga del martes, o #elcoñot o esas notas pícaras, picantes y pipiripipirirí de mí para vos:

Parte 1/2 🧶:

-Yo quiero bailar es una canción básica en términos compositivos y de ejecutar en lo vocal, amén de muy asimilable en su optimismo y arreglos trompeteros, de ahí su éxito y el desprecio de la crítica. Pide poco y da todo lo que tiene, que no es mucho pero sube rápido. Anoche la cantaron como desde el fondo de una tinaja (fallos técnicos) con unos arreglos (los coros masculinos...) cuestionables y la interpretaron como pollos sin cabeza, sin cohesión grupal en los movimientos. Errores en su mayor parte de quienes les preparan que pagaron les chiques.

-Carita triste fue un número deliciosamente desafinado, porque o lo asumes así o te tapas las orejas con algún producto marca ACME. Fíjense en Leire y Abraham mirando monitores sin poder creérselo. Parecían dentro de su cabeza en lugar de en la canción, podría jugar que contaban mentalmente los pasos a seguir (eso era con los videos de Eva Nasarre, caris) y las notas a dar. A Esther Aranda le gusta. Con todo, Claudia estuvo por encima de su compa. Está mortalmente nominada.

-Laura, la estreñida oficial, cantó imaginando que estaba en el aseo, y al final, espóiler, hizo caca, al menos esa nota ida, idísima, indica que en su imaginación evacuó. Derrape importante. Es bratz. Martín Tinho (con nombre del OT de Pilar Rubio), por su parte, se pensaba cantando en su habitación con la camisa ancha de su padre y bien de Brummel. Amo sus caras en el repaso.

-Crespo y Guille Toledano parecen sacados del casting de Elite. A saber dónde acabarán. Ayer cumplieron. No era una canción complicada, ni había competencia.

-Carlos, la nutria del programa (queer code), y Lucía, bien. Decentes de nuevo, hasta en el vestuario. Podrían haber brillado, tenían la canción. Da rabia (a él el primero, que lloró desconsolado en el repaso).

#popazo #music #musica #tv #television #primevideo #ot #ot2025 #ot1 #otgala1 #operaciontriunfo

Concursantes de 'OT' tienen dificultades para entender el funcionamiento de un reloj analógico

La gente de 'OT' ni sabe leer un reloj analógico, y quieren que sepamos quiénes fueron los Reyes Católicos. Menudo nivel. La culpa no es sólo de ellos, sino de un sistema educativo que fomenta la ignorancia. Así nos va.

[Ver comentario original]