Patrick C Miller
@patrickcmiller.bsky.social
Critical Infrastructure & Industrial Security Advisor. Ampyx Cyber CEO. Public speaker. Airport dweller. Recovering regulator. BEERISAC member. CCI US Coordinator. Former SANS Instructor.
#ICS #OT #NERCCIP #NIST #IEC62443 #NIS2 #CRA #SlavaUkraini
#ICS #OT #NERCCIP #NIST #IEC62443 #NIS2 #CRA #SlavaUkraini
Pinned
"The more advanced the automated system, the more crucial the contribution of the human operator..." The Automation Paradox
Zscaler warns industrial operations face mounting risk as IoT, OT attacks surge across energy, manufacturing sectors - Industrial Cyber industrialcyber.co/reports/zsca...
Zscaler warns industrial operations face mounting risk as IoT, OT attacks surge across energy, manufacturing sectors - Industrial Cyber
Zscaler warns industrial operations face mounting risk as IoT, OT attacks surge across energy, manufacturing sectors.
industrialcyber.co
November 11, 2025 at 5:12 PM
Zscaler warns industrial operations face mounting risk as IoT, OT attacks surge across energy, manufacturing sectors - Industrial Cyber industrialcyber.co/reports/zsca...
GlassWorm Malware Returns to Open VSX, Emerges on GitHub www.securityweek.com/glassworm-ma...
GlassWorm Malware Returns to Open VSX, Emerges on GitHub
Three more VS Code extensions were infected last week and the malware has emerged in GitHub repositories as well.
www.securityweek.com
November 11, 2025 at 4:42 PM
GlassWorm Malware Returns to Open VSX, Emerges on GitHub www.securityweek.com/glassworm-ma...
Pentagon details new cyber force generation model to enhance USCYBERCOM’s operational effectiveness industrialcyber.co/critical-inf...
Pentagon details new cyber force generation model to enhance USCYBERCOM’s operational effectiveness - Industrial Cyber
US Pentagon provides detail on a new cyber force generation model to enhance USCYBERCOM’s operational effectiveness.
industrialcyber.co
November 11, 2025 at 4:12 PM
Pentagon details new cyber force generation model to enhance USCYBERCOM’s operational effectiveness industrialcyber.co/critical-inf...
SAP Patches Critical Flaws in SQL Anywhere Monitor, Solution Manager www.securityweek.com/sap-patches-...
SAP Patches Critical Flaws in SQL Anywhere Monitor, Solution Manager
Hardcoded credentials in SQL Anywhere Monitor could allow attackers to execute arbitrary code on vulnerable deployments.
www.securityweek.com
November 11, 2025 at 3:42 PM
SAP Patches Critical Flaws in SQL Anywhere Monitor, Solution Manager www.securityweek.com/sap-patches-...
UK asks cyberspies to probe whether Chinese buses can be switched off remotely www.theregister.com/2025/11/11/u...
UK.gov probes security risks of Chinese electric buses
: Norwegian testers claim maker has remote access, while UK importer says supplier complies with the law
www.theregister.com
November 11, 2025 at 3:12 PM
UK asks cyberspies to probe whether Chinese buses can be switched off remotely www.theregister.com/2025/11/11/u...
European Countries Probing ‘Security Loophole’ in China-Made Electric Buses gizmodo.com/european-cou...
European Countries Probing 'Security Loophole' in China-Made Electric Buses
Norway, Denmark, and the UK are investigating buses from China’s Yutong over fears they could be disabled remotely.
gizmodo.com
November 11, 2025 at 2:42 PM
European Countries Probing ‘Security Loophole’ in China-Made Electric Buses gizmodo.com/european-cou...
Nearly 30 Alleged Victims of Oracle EBS Hack Named on Cl0p Ransomware Site www.securityweek.com/nearly-30-al...
Nearly 30 Alleged Victims of Oracle EBS Hack Named on Cl0p Ransomware Site
The Cl0p website lists major organizations such as Logitech, The Washington Post, Cox Enterprises, Pan American Silver, LKQ Corporation, and Copeland.
www.securityweek.com
November 11, 2025 at 2:12 PM
Nearly 30 Alleged Victims of Oracle EBS Hack Named on Cl0p Ransomware Site www.securityweek.com/nearly-30-al...
Two New Web Application Risk Categories Added to OWASP Top 10 www.securityweek.com/two-new-web-...
Two New Web Application Risk Categories Added to OWASP Top 10
OWASP has added two new categories to the revised version of its Top 10 list of the most critical risks to web applications.
www.securityweek.com
November 11, 2025 at 1:42 PM
Two New Web Application Risk Categories Added to OWASP Top 10 www.securityweek.com/two-new-web-...
ISA position paper explores industrial AI in automation, covering opportunities, risks, cybersecurity considerations - Industrial Cyber industrialcyber.co/ai/isa-posit...
ISA position paper explores industrial AI in automation, covering opportunities, risks, cybersecurity considerations - Industrial Cyber
New ISA position paper explores industrial AI in automation, covering opportunities, risks, and cybersecurity considerations.
industrialcyber.co
November 11, 2025 at 1:12 PM
ISA position paper explores industrial AI in automation, covering opportunities, risks, cybersecurity considerations - Industrial Cyber industrialcyber.co/ai/isa-posit...
APT37 hackers abuse Google Find Hub in Android data-wiping attacks www.bleepingcomputer.com/news/securit...
APT37 hackers abuse Google Find Hub in Android data-wiping attacks
North Korean hackers from the KONNI activity cluster are abusing Google's Find Hub tool to track their targets' GPS positions and trigger remote factory resets of Android devices.
www.bleepingcomputer.com
November 11, 2025 at 12:42 PM
APT37 hackers abuse Google Find Hub in Android data-wiping attacks www.bleepingcomputer.com/news/securit...
Enforcement begins for New York’s algorithmic pricing law therecord.media/enforcement-...
Enforcement begins for New York’s algorithmic pricing law
California’s legislature also has enacted an algorithmic pricing law, but it has not yet taken effect, making New York the first state in the country to regulate the practice.
therecord.media
November 11, 2025 at 12:12 PM
Enforcement begins for New York’s algorithmic pricing law therecord.media/enforcement-...
Cisco detects new attack variant targeting vulnerable firewalls www.cybersecuritydive.com/news/cisco-f...
Cisco detects new attack variant targeting vulnerable firewalls
Hackers may be able to overload unpatched devices, the company said.
www.cybersecuritydive.com
November 11, 2025 at 11:42 AM
Cisco detects new attack variant targeting vulnerable firewalls www.cybersecuritydive.com/news/cisco-f...
Reposted by Patrick C Miller
Same as last night… Tonight’s BEER-ISAC meeting for #ISCCPH in Copenhagen is at Not Your Usual Wine Bar (maps.app.goo.gl/Vtj3U78pHo9P...) starting at 20:00 or whenever you want to get there. No coin or alcohol required. Just bring your awesome self.
maps.app.goo.gl
November 11, 2025 at 11:40 AM
Same as last night… Tonight’s BEER-ISAC meeting for #ISCCPH in Copenhagen is at Not Your Usual Wine Bar (maps.app.goo.gl/Vtj3U78pHo9P...) starting at 20:00 or whenever you want to get there. No coin or alcohol required. Just bring your awesome self.
As AI enables bad actors, how are 3,000+ teams responding? www.theregister.com/2025/11/10/a...
As AI enables bad actors, how are 3,000+ teams responding?
Partner Content: Breaking down trends in exposure management with insights from 3,000+ organizations and Intruder's security experts
www.theregister.com
November 11, 2025 at 11:12 AM
As AI enables bad actors, how are 3,000+ teams responding? www.theregister.com/2025/11/10/a...
OSCE Technical Guide urges unified physical and cyber defenses for critical infrastructure security - Industrial Cyber industrialcyber.co/threats-atta...
OSCE Technical Guide urges unified physical and cyber defenses for critical infrastructure security - Industrial Cyber
Governments, operators urged to align physical, cyber defenses in OSCE Technical Guide on critical infrastructure security
industrialcyber.co
November 11, 2025 at 10:42 AM
OSCE Technical Guide urges unified physical and cyber defenses for critical infrastructure security - Industrial Cyber industrialcyber.co/threats-atta...
Russian missile barrage disrupts internet, customs databases in Ukraine therecord.media/russian-miss...
Russian missile barrage disrupts internet, customs databases in Ukraine
Emergency blackouts lasting up to 12 hours were introduced following the attack, with Kyiv and other regions facing widespread internet and communication outages, according to internet watchdog…
therecord.media
November 11, 2025 at 10:12 AM
Russian missile barrage disrupts internet, customs databases in Ukraine therecord.media/russian-miss...
Short-term renewal of cyber information sharing law appears in bill to end shutdown therecord.media/cisa-2015-in...
Short-term renewal of cyber information sharing law appears in bill to end shutdown
An expired 2015 law that gives companies liability protection when they share cyberthreat information with the federal government would be renewed through January 30 under Senate legislation to end…
therecord.media
November 11, 2025 at 9:42 AM
Short-term renewal of cyber information sharing law appears in bill to end shutdown therecord.media/cisa-2015-in...
Runc Vulnerabilities Can Be Exploited to Escape Containers www.securityweek.com/runc-vulnera...
Runc Vulnerabilities Can Be Exploited to Escape Containers
The flaws tracked as CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881 have been patched.
www.securityweek.com
November 11, 2025 at 9:12 AM
Runc Vulnerabilities Can Be Exploited to Escape Containers www.securityweek.com/runc-vulnera...
OSCE Technical Guide urges unified physical and cyber defenses for critical infrastructure security industrialcyber.co/threats-atta...
OSCE Technical Guide urges unified physical and cyber defenses for critical infrastructure security - Industrial Cyber
Governments, operators urged to align physical, cyber defenses in OSCE Technical Guide on critical infrastructure security
industrialcyber.co
November 10, 2025 at 9:42 PM
OSCE Technical Guide urges unified physical and cyber defenses for critical infrastructure security industrialcyber.co/threats-atta...
AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack securityaffairs.com/184372/hacki...
AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack
Microsoft uncovered Whisper Leak side-channel attack that lets network snoopers infer AI chat topics despite encryption, risking user privacy.
securityaffairs.com
November 10, 2025 at 9:12 PM
AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack securityaffairs.com/184372/hacki...
CISOs must prove the business value of cyber — the right metrics can help www.csoonline.com/article/4083...
CISOs must prove the business value of cyber — the right metrics can help
CISOs still struggle to prove the value of their security programs using metrics that their business leaders so desperately seek.
www.csoonline.com
November 10, 2025 at 8:42 PM
CISOs must prove the business value of cyber — the right metrics can help www.csoonline.com/article/4083...
Dangerous runC flaws could allow hackers to escape Docker containers www.bleepingcomputer.com/news/securit...
Dangerous runC flaws could allow hackers to escape Docker containers
Three newly disclosed vulnerabilities in the runC container runtime used in Docker and Kubernetes could be exploited to bypass isolation restrictions and get access to the host system.
www.bleepingcomputer.com
November 10, 2025 at 8:12 PM
Dangerous runC flaws could allow hackers to escape Docker containers www.bleepingcomputer.com/news/securit...
Cisco creating new security model using 30 years of data www.theregister.com/2025/11/10/c...
Cisco creating new security model using 30 years of data
Exclusive: Doubles parameters to over 17 billion, to detect threats and recommend actions
www.theregister.com
November 10, 2025 at 7:42 PM
Cisco creating new security model using 30 years of data www.theregister.com/2025/11/10/c...
A Fundamental ‘Constant’ of the Universe May Not Be Constant At All, Study Finds www.404media.co/a-fundamenta...
A Fundamental ‘Constant’ of the Universe May Not Be Constant At All, Study Finds
New research “suggests that dark energy may no longer be a cosmological constant” and that the universe’s expansion is slowing down.
www.404media.co
November 10, 2025 at 7:12 PM
A Fundamental ‘Constant’ of the Universe May Not Be Constant At All, Study Finds www.404media.co/a-fundamenta...
NASA wants you to help kick some tires — on the moon www.nextgov.com/emerging-tec...
NASA wants you to help kick some tires — on the moon
The Rock and Roll with NASA Challenge offers $155,000 in prizes for top designs that can handle the punishing surface of the moon.
www.nextgov.com
November 10, 2025 at 6:42 PM
NASA wants you to help kick some tires — on the moon www.nextgov.com/emerging-tec...