ICS/SCADA
Researchers find critical RCE vulnerabilities in industrial VPN solutions
Critical vulnerabilities in several industrial VPN implementations for remotely accessing operational technology (OT) networks could allow attackers to overwrite data, execute …
Vulnerable platform used in power plants enables attackers to run malicious code on user browsers
Otorio’s incident response team identified a high-score vulnerability in OSISoft’s PI System. They immediately notified OSIsoft Software of the vulnerability, which …
Zero-day flaws in widespread TCP/IP library open millions of IoT devices to remote attack
19 vulnerabilities – some of them allowing remote code execution – have been discovered in a TCP/IP stack/library used in hundreds of millions of IoT and OT …
Widely available ICS attack tools lower the barrier for attackers
The general availability of ICS-specific intrusion and attack tools is widening the pool of attackers capable of targeting operational technology (OT) networks and industrial …
US gas pipeline shut down due to ransomware
An unnamed US gas pipeline operator has falled victim to ransomware, which managed to encrypt data both on its IT (information technology) and operational technology (OT) …
New ransomware targets industrial control systems
With the ransomware threat is surging unstoppably in the last few years, it was just a matter of time until ICS-specific ransomware became a reality. Researchers from various …
Researchers create OT honeypot, attract exploits and fraud
Trend Micro announced the results of research featuring a honeypot imitating an industrial factory. The highly sophisticated Operational Technology (OT) honeypot attracted …
A look at cybersecurity for rail systems, building automation and the future of critical infrastructure
Waterfall Security Solutions announced a major expansion into new markets and industry verticals. In support of this expansion, Waterfall has secured a significant new funding …
ATT&CK for ICS: Knowledge base of techniques used by cyber adversaries
MITRE released an ATT&CK knowledge base of the tactics and techniques that cyber adversaries use when attacking ICS that operate some of the nation’s most critical …
Oil and gas industry risks escalate, cybersecurity should be prioritized
The oil and gas industry and its supply chain face increased cybersecurity risks from advanced threat groups and others as they continue to build out digitally connected …
How can security teams effectively monitor OT and ICS networks?
Modern industrial operations are complex and dynamic environments that have unique security challenges. Andrew Ginter, VP Industrial Security at Waterfall Security Solutions, …
How to reduce the risk posed by vulnerabilities in IoT/ICS networks?
IoT/ICS networks and unmanaged devices are soft targets for adversaries, increasing the risk of costly downtime, catastrophic safety and environmental incidents, and theft of …