Many industrial organizations lack the resources, expertise, and collaborative processes to effectively mitigate threats and ensure secure access to operational technology (OT) systems, according to Cyolo. Ensuring secure access to OT environments is about more than just cybersecurity. These environments contain highly sensitive systems and critical infrastructure responsible for keeping manufacturing lines running, water and […]
Dec 22, 2023NewsroomThreat Intelligence / Supply Chain Attack Organizations in the Defense Industrial Base (DIB) sector are in the crosshairs of an Iranian threat actor as part of a campaign designed to deliver a never-before-seen backdoor called FalseFont. The findings come from Microsoft, which is tracking the activity under its weather-themed moniker Peach Sandstorm (formerly […]
After hackers compromised an industrial control system (ICS) at a water utility in the United States, the cybersecurity agency CISA issued an alert over the exploitation of the targeted device. The target of the attack was the Municipal Water Authority of Aliquippa in Pennsylvania, which confirmed that hackers took control of a system associated with […]
Researchers have discovered 21 vulnerabilities in a popular brand of industrial router. On Dec. 7 at Black Hat Europe, analysts from Forescout will reveal the bugs — including one of 9.6 “Critical” severity on the CVSS scale, and nine “High” severity — affecting a brand of operational technology (OT)/Internet of Things (IoT) routers especially common […]
Industrial giant Rockwell Automation announced on Monday that it has signed a definitive agreement to acquire Verve Industrial Protection, a cybersecurity company specializing in industrial control systems (ICS) and operational technology (OT). Verve’s managed OT/ICS security platform provides asset inventory, vulnerability management, patch management, configuration management, SIEM, incident response, and backup and restore capabilities. In […]
Oct 17, 2023NewsroomData Security / Network Security A severity flaw impacting industrial cellular routers from Milesight may have been actively exploited in real-world attacks, new findings from VulnCheck reveal. Tracked as CVE-2023-43261 (CVSS score: 7.5), the vulnerability has been described as a case of information disclosure that affects UR5X, UR32L, UR32, UR35, and UR41 routers […]
A vulnerability affecting some industrial routers made by Chinese IoT and video surveillance product maker Milesight may have been exploited in attacks, according to exploit and vulnerability intelligence firm VulnCheck. Several UR-series industrial cellular routers from Milesight (Ursalink) are affected by CVE-2023-43261, a serious vulnerability exposing system log files, such as ‘httpd.log’. The exposed logs […]
Hacktivists in Palestine and Israel after SCADA and other industrial control systems Pierluigi Paganini October 10, 2023 Both pro-Israeli and pro-Palestinian hacktivists have joined the fight and are targeting SCADA and ICS systems. Both pro-Israeli and pro-Palestinian hacktivists have joined the fight in the cyber realm. Industrial control systems (ICS) seem to be one of […]
60% of cyberattacks against the industrial sector are led by state-affiliated actors and often unintentionally enabled by internal personnel (about 33% of the time), according to Rockwell Automation. This corroborates other industry research showing OT/ICS (Industrial Control Systems) cybersecurity incidents are increasing in volume and frequency, and are targeting critical infrastructure, such as energy producers. […]