Cybersecurity Funding Xona Raises $18 Million for OT Remote Access Platform OT zero trust user access platform provider Xona has raised $18 million, which brings its total investment to $32 million. Eduard KovacsJune 11, 2024
ICS/OT Cisco Finds 15 Vulnerabilities in AutomationDirect PLCs Cisco Talos researchers have found over a dozen vulnerabilities in AutomationDirect PLCs, including flaws that could be valuable to attackers. Eduard KovacsJune 10, 2024
ICS/OT Rockwell Automation Urges Customers to Disconnect ICS From Internet Rockwell Automation is concerned about internet-exposed ICS due to heightened geopolitical tensions and adversarial cyber activity globally. Eduard KovacsMay 22, 2024
ICS/OT Critical Vulnerability in Honeywell Virtual Controller Allows Remote Code Execution Claroty shows how Honeywell ControlEdge Virtual UOC vulnerability can be exploited for unauthenticated remote code execution. Eduard KovacsMay 22, 2024
ICS/OT ICS Patch Tuesday: Advisories Published by Siemens, Rockwell, Mitsubishi Electric Several ICS vendors released advisories on Tuesday to inform customers about vulnerabilities found in their products. Eduard KovacsMay 15, 2024
ICS/OT Russian Hackers Target Industrial Systems in North America, Europe Government agencies are sharing recommendations following attacks claimed by pro-Russian hacktivists on ICS/OT systems. Eduard KovacsMay 2, 2024
ICS/OT Honeywell: USB Malware Attacks on Industrial Orgs Becoming More Sophisticated An analysis conducted by Honeywell shows that much of the USB-borne malware targeting industrial organizations can still cause OT disruption. Eduard KovacsApril 29, 2024
ICS/OT Siemens Industrial Product Impacted by Exploited Palo Alto Firewall Vulnerability Palo Alto Networks firewall vulnerability CVE-2024-3400, exploited as a zero-day, impacts a Siemens industrial product. Eduard KovacsApril 23, 2024
Nation-State Recent OT and Espionage Attacks Linked to Russia’s Sandworm, Now Named APT44 Mandiant summarizes some of the latest operations of Russia’s notorious Sandworm group, which it now tracks as APT44. Eduard KovacsApril 17, 2024
ICS/OT Organizations Informed of 10 Vulnerabilities in Rockwell Automation Products In the past week Rockwell Automation addressed 10 vulnerabilities found in its FactoryTalk, PowerFlex and Arena Simulation products. Eduard KovacsMarch 27, 2024
Malware & Threats Suspicious NuGet Package Harvesting Information From Industrial Systems A suspicious NuGet package likely targets developers working with technology from Chinese firm Bozhon. Ionut ArghireMarch 26, 2024
ICS/OT UK Government Releases Cloud SCADA Security Guidance UK’s NCSC releases security guidance for OT organizations considering migrating their SCADA solutions to the cloud. Eduard KovacsMarch 18, 2024
ICS/OT ICS Patch Tuesday: Siemens Ruggedcom Devices Impacted by 45 Fortinet Vulnerabilities Siemens and Schneider Electric publish March 2024 Patch Tuesday advisories to inform customers about over 200 vulnerabilities. Eduard KovacsMarch 12, 2024
Government CISA’s OT Attack Response Team Understaffed: GAO GAO study finds that CISA does not have enough staff to respond to significant OT attacks in multiple locations at the same time. Eduard KovacsMarch 12, 2024
ICS/OT Cisco Releases Open Source Backplane Traffic Visibility Tool for OT Cisco has released an open source PoC tool named Badgerboard designed for improved backplane network visibility for OT. Eduard KovacsMarch 6, 2024
ICS/OT Cyber Insights 2024: OT, ICS and IIoT In an age of increasing geopolitical tensions caused by actual wars, and the threat of Chinese action against Taiwan, OT is a target that... Kevin TownsendMarch 6, 2024
ICS/OT Zeek Security Tool Vulnerabilities Allow ICS Network Hacking Vulnerabilities in a plugin for the Zeek network security monitoring tool can be exploited in attacks aimed at ICS environments. Eduard KovacsMarch 5, 2024
ICS/OT Remote Stuxnet-Style Attack Possible With Web-Based PLC Malware: Researchers Researchers demonstrate that remote Stuxnet-style attacks are possible against many modern PLCs using web-based malware. Eduard KovacsMarch 4, 2024
ICS/OT China’s Volt Typhoon Hackers Are Exfiltrating Sensitive OT Data Volt Typhoon and two other threat groups that emerged in 2023 can pose a serious threat to ICS/OT, according to industrial cybersecurity firm Dragos. Eduard KovacsFebruary 20, 2024
ICS/OT Mitsubishi Electric Factory Automation Flaws Expose Engineering Workstations Critical and high-severity Mitsubishi Electric Factory Automation vulnerabilities can allow privileged access to engineering workstations. Eduard KovacsFebruary 5, 2024