ICS vulnerabilities disclosed in H1 2021 rose by 41%
Industrial control system (ICS) vulnerability disclosures are drastically increasing as high-profile cyberattacks on critical infrastructure and industrial enterprises have …
ICS/SCADA
Collaboration is the key to protecting critical national infrastructure
Concern around protecting critical national infrastructure (CNI) is growing. Following several high-profile attacks and growing tensions around state sponsored cyber activity, …
MITRE Engenuity launches ATT&CK Evaluations for ICS
MITRE Engenuity today released results from its first round of independent ATT&CK Evaluations for Industrial Control Systems (ICS). The evaluations examined how …
Critical vulnerability in Schneider Electric Modicon PLCs can lead to RCE (CVE-2021-22779)
Researchers at Armis discovered an authentication bypass vulnerability (CVE-2021-22779) in Schneider Electric’s Modicon programmable logic controllers (PLCs) that can …
Industrial facilities progressively at risk of data theft and ransomware attacks
Trend Micro released a new report highlighting the growing risk of downtime and sensitive data theft from ransomware attacks aimed at industrial facilities. “Industrial …
Critical vulnerabilities identified in CODESYS ICS automation software
Researchers have identified 10 vulnerabilities in CODESYS automation software for industrial control systems. Some are of high and critical severity. “The vendor rated …
Identifying and addressing critical OT asset vulnerabilities in 24/7 industrial operations
Cybersecurity is a race. A race that has for over a decade been extended to include systems that run the world’s industrial facilities, where a breach can compromise more than …
Critical infrastructure implications of the Pulse Secure multi-factor authentication bypass
The FireEye Mandiant team has discovered multiple threat actors exploiting a zero-day vulnerability in Pulse Secure VPN appliances. The attack infrastructure is very …
68% of construction executives have no cybersecurity measures in place
The construction industry may not appear to be an obvious target for cybercrime, but it garners unwanted online attention just like other sectors. According to a report by …
Vulnerabilities in ICS-specific backup solution open industrial facilities to attack
Claroty researchers have found and privately disclosed nine vulnerabilities affecting Rockwell Automation’s FactoryTalk AssetCentre, an ICS-specific backup solution. All of …
ICS threat landscape highlights
Dragos releases annual analysis of ICS/OT focused cyber threats, vulnerabilities, assessments, and incident response insights. “In 2020, the industrial community performed …
Misplaced expectations securing water treatment systems
The cyber attack that tried to poison the drinking water system in Oldsmar, Florida is similar to last year’s attack on small water systems in Israel. Both attacks tried …