World Economic Forum Calls for Global Collaboration to Enhance Cyber Resilience in the Aviation IndustryThe aviation industry is unique. While going through the same digital transformation as other businesses, it is global by nature, transcends multiple jusidictions, and must collaborate internally with its own competitors.Nevertheless, it is a hugely succes

World Economic Forum Publishes Global Risks Report 2020For the first time ever, the top five most likely global risks enumerated in the annual Global Risks Report from the World Economic Forum (PDF) are all environmental: extreme weather, climate action failure, natural disasters, biodiversity loss, and human made environmental disasters. In terms of impact,

Hackers Can Cause Damage to Industrial Systems by Abusing Design WeaknessesAn analysis of industrial control systems (ICS) has shown that many products contain features and functions that have been designed with no security in mind, allowing malicious hackers to abuse them and potentially cause serious damage.PAS, which provides industrial cybersecurity and

Trend Micro researchers have set up a factory honeypot and found that industrial organizations should be more concerned about attacks launched by profit-driven cybercriminals rather than the threat posed by sophisticated state-sponsored groups.The honeypot mimicked a factory and was designed to be as realistic as possible. The industrial environment included

Siemens this week addressed several vulnerabilities and warned customers about the security risks associated with the use of ActiveX in industrial products.Microsoft’s ActiveX controls make it possible for websites to provide certain types of content, such as videos and games, and they allow users to interact with certain types of elements in the browser, su

As cars evolve into rolling mobile computers, the potential for disastrous cyber attacks has become a new road hazard.Israeli cybersecurity firm GuardKnox demonstrated the threat in a Formula 1 driving simulation at the Consumer Electronics show this week in Las Vegas.Moments into the virtual drive, a GuardKnox engineer playing the role of hacker struck and

An increasing number of threat groups have been spotted targeting electric utilities in North America, industrial cybersecurity firm Dragos reported on Thursday.The company has published a new report that describes the threats faced by the electric sector in North America.“As adversaries and their sponsors invest more effort and money into obtaining effects-

Rockwell Automation on Wednesday announced that it has entered an agreement to acquire Israel-based cybersecurity solutions provider Avnet Data Security in an effort to expand its cybersecurity expertise.Founded in 1995, Avnet provides a wide range of services and solutions for IT and OT environments, including penetration testing, assessments, training, and

Cybersecurity experts believe Iran will likely also respond with cyberattacks to the recent U.S. airstrike that killed senior Iranian military commander Qassem Soleimani, and while many doubt that Iran has the capability to cause significant damage if these attacks are aimed at critical infrastructure or industrial control systems (ICS), organizations have s

MITRE on Tuesday announced the initial release of a version of its ATT&CK knowledge base that covers the tactics and techniques used by malicious actors when targeting industrial control systems (ICS).MITRE’s ATT&CK framework has been widely used by cybersecurity professionals to describe and classify attacker behavior and assess an organization’s ri

Iran’s response to the recent U.S. airstrike that killed Qassem Soleimani, a senior Iranian military commander, could include cyberattacks, and organizations should be prepared to prevent and respond to attacks, cybersecurity professionals have warned.General Qassem Soleimani led the Quds Force, an elite unit of the Iranian Revolutionary Guards. He has been

A cyber-espionage group has targeted hundreds of industrial companies in South Korea and other countries using malware designed to help hackers steal passwords and documents, industrial cybersecurity firm CyberX revealed on Tuesday.The campaign, which CyberX has dubbed Gangnam Industrial Style, is ongoing and the company’s threat intelligence team continues

Several critical vulnerabilities found by Cisco Talos researchers in programmable logic controllers (PLCs) made by WAGO can be exploited remotely for arbitrary code execution and denial-of-service (DoS) attacks.All of the flaws found by Cisco Talos affect the protocol handling code of the I/O Check configuration service used by WAGO PFC100 and PFC200 series

Schneider Electric last week informed customers that patches have been made available for vulnerabilities in some Modicon controllers and several EcoStruxure products.According to Schneider, Modicon M580, M340, Quantum and Premium controllers are affected by three denial-of-service (DoS) vulnerabilities.The vendor says all three flaws are caused by “improper

The Siemens SPPA-T3000 distributed control system, which is designed for fossil and renewable power plants, is affected by over 50 vulnerabilities, including flaws that can be exploited to disrupt electricity generation.According to Siemens, the SPPA-T3000 Application Server is affected by 19 vulnerabilities and the SPAA-T3000 MS3000 Migration Server is impa