Shield Your OT Environment: CISA/FBI Warns of Simple ICS/SCADA Exploits

May 28, 2025

Isolate OT from the Internet, enforce strong credentials, segment networks, and practice manual operations to prevent defacements and disruptions.

Unsophisticated cyber actors are targeting ICS/SCADA systems in Oil & Natural Gas sectors—conducting defacements, configuration interference, operational disruptions, and even risking physical damage—often by exploiting poor cyber hygiene and exposed assets. The CISA/FBI alert directs operators to a joint CISA–FBI–EPA–DOE fact sheet that recommends key mitigations, including disconnecting OT from the public internet, replacing default credentials with strong, unique passwords, securing and documenting remote access, segmenting IT and OT networks, and practicing manual operation of OT systems. Organizations should adopt these measures immediately to strengthen their critical infrastructure; contact us for assistance with implementation.


Source: CISA/FBI alert

Dormant Magento Supply Chain Attack Hits Up to 1,000 Merchants

May 28, 2025
21 extensions from Tigren, Magesolution, and Meetanshi carried six-year-old card-stealing malware—audit your plugins for the fake license and strengthen runtime protections.

Protect Your Meetings: Microsoft Teams Introduces Screen Capture Prevention

May 28, 2025
Blacked-out video for screenshots on Windows, macOS, iOS, and Android ensures sensitive content remains secure.

Protect Your Network: FBI Warns of Proxy Abuse on End-of-Life Routers

May 28, 2025
Inventory, segment, and secure outdated devices using FBI IoCs to block anonymized cybercriminal traffic.
Business man pointing at a negative graph

Increase of Fraud and Ransomware Activity Impact Losses By 33%

May 13, 2025
Business profits are down 16.6 billion due to increase of fraud and ransomware
unlocked computer

VeriSource Services Data Breach February 2024

May 13, 2025
VeriSource Data breach that reveals employee benefit records
Verizon 2025 Data Breach Report

Verizon’s 2025 Data Breach Investigations Report

May 8, 2025
Security Teams Should Strengthen Vendor Oversight
Spain and Portugal

Spain and Portugal Power Outage

May 8, 2025
Critical Infrastructure Operators Should Validate Contingency Plans
Alert Fatigue

SAP Emergency Patch

May 7, 2025
SAP has issued an emergency patch for CVE-2025-31324 (CVSS 10.0) in NetWeaver Visual Composer Framework 7.50 after ReliaQuest researchers observed active exploitation of a missing authorization check in the Metadata Uploader. This flaw allowed unauthenticated attackers to upload malicious binaries, jeopardizing system confidentiality, integrity, and availability. Organizations should immediately apply the update via the SAP Software Download Center and audit their systems for indicators of compromise; contact us for assistance with patch deployment and verification. (Source: SAP security advisory; contact us for more information.)

Caliber Solutions Named Top Two Partner for AppDirect

May 6, 2025
AppDirect Names Caliber Solutions as One of Two Partners With Over $1 million in Sales
Caliber Holdings Acquires Cavalry Solutions, Expanding Capabilities in Operational Technology

Caliber Holdings Acquires Cavalry Solutions

April 11, 2025
We are thrilled to announce the acquisition of Cavalry Solutions, a pioneer in managed services and operational technology (OT). This strategic acquisition enhances our capabilities in integrating IT and OT solutions, positioning us to meet the growing needs of interconnected technology systems across various industries.