
Category: IT/OT

Best practices for converged IT/OT security: deep packet inspection, asset visibility, segmentation, and incident response in industrial environments. Léargas monitors east–west traffic to expose lateral movement across domains.

Why OT Operators Must Have a Living, Accurate Inventory — and How Leargas Can Help

In August 2025, a coalition of cybersecurity agencies from the U.S., Canada, Australia, New Zealand, the Netherlands, Germany—and later joined by the U.K.—issued new guidance calling on OT/ICS operators to develop and maintain a definitive, continually updated system inventory. This isn’t just bureaucratic advice. It addresses a core pain point: if you don’t reliably know what’s in your environment and how it connects, you
Read More

CISA ICS Advisories (August 28, 2025): Nine Vendor Vulnerabilities, CVEs, and Fixes

On August 28, 2025, CISA published nine advisories covering Mitsubishi Electric, Schneider Electric, Delta Electronics, GE Vernova, and Hitachi Energy. Several issues are remotely exploitable with low attack complexity; patches exist for many products, while some Mitsubishi Electric PLC weaknesses require compensating controls only. No known public exploitation is reported as of August 28, 2025 [1]. (cisa.gov) Overview: These ICS advisories span PLCs, HMI/SCADA
Read More

CISA AA25-239A: Countering Chinese State-Sponsored Actors Compromising Network Devices Worldwide

Chinese state-sponsored cyber actors are conducting long-running intrusion campaigns against telecoms and other critical networks by exploiting known vulnerabilities in edge and core network devices. As of August 28, 2025, CISA’s joint advisory AA25-239A reports widespread targeting of backbone, provider edge (PE), and customer edge (CE) routers, with persistence achieved via configuration tampering, tunneling, and credential collection; patches and detailed mitigations are available, and CISA has published STIX IOCs to aid hunting.
Read More

AI-Powered OT Threat Detection in Léargas XDR for ICS Security

What’s New? The latest release of the Léargas XDR platform introduces enhanced detection and analysis functionality that fuses Zeek protocol visibility, ICS-specific threat patterns, and AI-driven reasoning powered by our internal Multi-modal Command Processor (MCP). AI Meets ICS Threat Intelligence: Our platform now integrates with known ICS/OT threat datasets, specifically aligned to real-world attacks cataloged under frameworks like MITRE ATT&CK for ICS. By incorporating
Read More

Hidden Threats in Critical Infrastructure: How Léargas Protects Against Supply Chain Kill Switches

In May 2025, a Reuters investigation revealed what many of us in security have long feared: Chinese-manufactured solar inverters—deployed across the U.S. power grid—contained embedded, unauthorized cellular radios. These radios enabled direct command-and-control, bypassing local networks entirely. They functioned as silent kill switches for critical infrastructure. This isn’t theory. It’s verified. It’s happening now. At Léargas, we built our platform with threats like this
Read More

Bridging the Divide: The Security Risks of IT and OT Convergence

Introduction: For decades, Information Technology (IT) and Operational Technology (OT) operated in isolation—each serving distinct purposes. IT focused on securing data, while OT managed physical processes and industrial control systems. However, as organizations pursue digital transformation (DX) and integrate Industrial Internet-of-Things (IIoT) devices, these once-separate environments are converging. While this shift promises efficiency and cost savings, it also exposes critical infrastructure to unprecedented cybersecurity risks.
Read More

Revolutionizing Security Operations: The Path Toward AI-Augmented SOCs

Exploring the Processes, Challenges, and Path Toward AI-Augmented Security Operations Centers (SOC). Security Operations Centers (SOCs) face mounting challenges in staying ahead of increasingly sophisticated threats. At Léargas Security, our XDR platform has been designed with a focus on the Energy and Critical Infrastructure sectors, helping organizations navigate these challenges while preparing for a future where artificial intelligence (AI) transforms SOC workflows. Here, we
Read More

Léargas XDR: Elevating Canada’s Critical Infrastructure Cyber Resilience

In alignment with Canada’s Cyber Security Readiness Goals (CRGs), the Léargas XDR platform combines advanced network forensics with embedded Zeek capabilities, enhancing CI defenses against sophisticated threats. This integration equips CI operators with powerful, in-depth visibility into network activities across IT, OT, and ICS environments, supporting the CRGs’ pillars for detection, response, and governance. Embedded Zeek for Network Forensics: Zeek, embedded in Léargas XDR, provides
Read More

Securing Critical Infrastructure with Léargas: A Game-Changer in Cybersecurity

In today's digital age, safeguarding critical infrastructure is more crucial than ever. However, many organizations are grappling with cybersecurity challenges due to limited budgets, insufficient staffing, and outdated solutions. Enter Léargas, a comprehensive SaaS cybersecurity platform designed to address these pressing issues and revolutionize how critical infrastructure is protected.
Read More

Enhancing Cybersecurity in the Renewable Energy Sector: A Comprehensive Solution from Leargas Security

As the US renewable energy industry expands, it faces increased risks from malicious cyber actors aiming to disrupt power generating operations, steal intellectual property, or ransom critical information. The FBI's recent Private Industry Notification highlights the urgency for robust cybersecurity measures in this sector. At Leargas Security, we are committed to safeguarding this crucial industry with our comprehensive, scalable cybersecurity platform.
Read More

Léargas XDR – Defending America’s Critical Infrastructure

In 2014, the pressing need for a comprehensive cybersecurity solution to the vulnerabilities faced by nearly 900 electric cooperatives was acknowledged by the U.S. Department of Energy (DOE). Understanding that the integration of Extended Detection and Response (XDR) solutions in electric cooperatives has become increasingly important in recent years, Léargas was driven to create a versatile and cost-effective platform. As these cooperatives digitally transform and adopt modern technologies, they also become more vulnerable to sophisticated cyber threats. These potential attacks not only pose a risk to the integrity of the cooperatives' data, but also threaten the stability of the electrical grid that powers our communities.
Read More

The Crucial Role of Zeek-based Platforms like Leargas Security XDR in IT and OT Environments

The fusion of Information Technology (IT) and Operational Technology (OT) ecosystems is increasingly becoming integral in today's enterprises. As the cyber threat landscape continues to evolve, posing intricate and sophisticated attacks, organizations are turning to advanced security solutions such as Leargas Security XDR. This potent platform, built on the robust Zeek framework, offers an all-in-one approach to securing IT and OT environments, providing vital insights and capabilities that help businesses stay ahead of potential threats.
Read More