ICS/SCADA
Critical infrastructure implications of the Pulse Secure multi-factor authentication bypass
The FireEye Mandiant team has discovered multiple threat actors exploiting a zero-day vulnerability in Pulse Secure VPN appliances. The attack infrastructure is very …
68% of construction executives have no cybersecurity measures in place
The construction industry may not appear to be an obvious target for cybercrime, but it garners unwanted online attention just like other sectors. According to a report by …
Vulnerabilities in ICS-specific backup solution open industrial facilities to attack
Claroty researchers have found and privately disclosed nine vulnerabilities affecting Rockwell Automation’s FactoryTalk AssetCentre, an ICS-specific backup solution. All of …
ICS threat landscape highlights
Dragos releases annual analysis of ICS/OT focused cyber threats, vulnerabilities, assessments, and incident response insights. “In 2020, the industrial community performed …
Misplaced expectations securing water treatment systems
The cyber attack that tried to poison the drinking water system in Oldsmar, Florida is similar to last year’s attack on small water systems in Israel. Both attacks tried …
Number of ICS vulnerabilities disclosed in 2020 up significantly
Throughout the second half (2H) of 2020, 71% of industrial control system (ICS) vulnerabilities disclosed were remotely exploitable through network attack vectors, according …
Open-source tool for hardening commonly used HMI/SCADA system
Otorio, a provider of OT security and digital risk management solutions, released an open-source tool designed for hardening the security of GE Digital’s CIMPLICITY, one …
SolarWinds is the tip of the iceberg
The recent SolarWinds software supply chain breach is a clear indication that strong OT cybersecurity is a must-have in today’s threat environment. Waterfall’s technologies …
How COVID-19 has impacted the security threat landscape
A WatchGuard report reveals how COVID-19 has impacted the security threat landscape, with evidence that attackers continue to target corporate networks despite the shift to …
How IoT insecurity impacts global organizations
As the Internet of Things becomes more and more part of our lives, the security of these devices is imperative, especially because attackers have wasted no time and are …
US charges Sandworm hackers who mounted NotPetya, other high-profile attacks
The Sandworm Team hacking group is part of Unit 74455 of the Russian Main Intelligence Directorate (GRU), the US Department of Justice (DoJ) claimed as it unsealed an …
Most ICS vulnerabilities disclosed this year can be exploited remotely
More than 70% of ICS vulnerabilities disclosed in the first half of 2020 can be exploited remotely, highlighting the importance of protecting internet-facing ICS devices and …
Featured news
Resources
Don't miss
- Hackers used Cisco zero-day to plant rootkits on network switches (CVE-2025-20352)
- Microsoft revokes 200 certs used to sign malicious Teams installers
- A new approach to blockchain spam: Local reputation over global rules
- SAP zero-day wake-up call: Why ERP systems need a unified defense
- “Perfect” Adobe Experience Manager vulnerability is being exploited (CVE-2025-54253)