ICS/OT Siemens Industrial Product Impacted by Exploited Palo Alto Firewall Vulnerability Palo Alto Networks firewall vulnerability CVE-2024-3400, exploited as a zero-day, impacts a Siemens industrial product. Eduard Kovacs1 day ago
Nation-State Recent OT and Espionage Attacks Linked to Russia’s Sandworm, Now Named APT44 Mandiant summarizes some of the latest operations of Russia’s notorious Sandworm group, which it now tracks as APT44. Eduard KovacsApril 17, 2024
ICS/OT Organizations Informed of 10 Vulnerabilities in Rockwell Automation Products In the past week Rockwell Automation addressed 10 vulnerabilities found in its FactoryTalk, PowerFlex and Arena Simulation products. Eduard KovacsMarch 27, 2024
Malware & Threats Suspicious NuGet Package Harvesting Information From Industrial Systems A suspicious NuGet package likely targets developers working with technology from Chinese firm Bozhon. Ionut ArghireMarch 26, 2024
ICS/OT UK Government Releases Cloud SCADA Security Guidance UK’s NCSC releases security guidance for OT organizations considering migrating their SCADA solutions to the cloud. Eduard KovacsMarch 18, 2024
ICS/OT ICS Patch Tuesday: Siemens Ruggedcom Devices Impacted by 45 Fortinet Vulnerabilities Siemens and Schneider Electric publish March 2024 Patch Tuesday advisories to inform customers about over 200 vulnerabilities. Eduard KovacsMarch 12, 2024
Government CISA’s OT Attack Response Team Understaffed: GAO GAO study finds that CISA does not have enough staff to respond to significant OT attacks in multiple locations at the same time. Eduard KovacsMarch 12, 2024
ICS/OT Cisco Releases Open Source Backplane Traffic Visibility Tool for OT Cisco has released an open source PoC tool named Badgerboard designed for improved backplane network visibility for OT. Eduard KovacsMarch 6, 2024
ICS/OT Cyber Insights 2024: OT, ICS and IIoT In an age of increasing geopolitical tensions caused by actual wars, and the threat of Chinese action against Taiwan, OT is a target that... Kevin TownsendMarch 6, 2024
ICS/OT Zeek Security Tool Vulnerabilities Allow ICS Network Hacking Vulnerabilities in a plugin for the Zeek network security monitoring tool can be exploited in attacks aimed at ICS environments. Eduard KovacsMarch 5, 2024
ICS/OT Remote Stuxnet-Style Attack Possible With Web-Based PLC Malware: Researchers Researchers demonstrate that remote Stuxnet-style attacks are possible against many modern PLCs using web-based malware. Eduard KovacsMarch 4, 2024
ICS/OT China’s Volt Typhoon Hackers Are Exfiltrating Sensitive OT Data Volt Typhoon and two other threat groups that emerged in 2023 can pose a serious threat to ICS/OT, according to industrial cybersecurity firm Dragos. Eduard KovacsFebruary 20, 2024