HackDig : Dig high-quality web security articles for hackers

Tens of Vulnerabilities in Siemens PLM Products Allow Code Execution

Siemens this week informed customers that some of its product development solutions are affected by a total of nearly two dozen vulnerabilities that can be exploited for arbitrary code execution using malicious files.The security holes were discovered by a couple of researchers and their disclosure was coordinated through Trend Micro’s Zero Day Initiative (Z
Publish At:2021-01-15 18:17 | Read:84 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Vulnerabilities

Vulnerabilities Can Allow Hackers to Create Backdoors in Comtrol Industrial Gateways

Several vulnerabilities have been identified in Pepperl+Fuchs Comtrol IO-Link Master industrial gateways, including flaws that researchers claim can be exploited to gain root access to a device and create backdoors.A researcher at Austria-based cybersecurity consultancy SEC Consult discovered five types of vulnerabilities in Pepperl+Fuchs Comtrol industrial
Publish At:2021-01-14 11:05 | Read:158 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Vulnerabilities hack

Beyond the Pandemic: Far-ranging and Lasting Change Ahead for Industrial Networks

IT and OT Teams in Critical Infrastructure and Manufacturing Companies Must be Able to Proactively Manage RiskAs IT and security professionals, we know that change is constant. In fact, part of what defines us is our ability to adapt to change and the faster we adapt, the more successful we will be. The change we encountered in 2020 was unprecedented and had
Publish At:2021-01-12 12:17 | Read:94 | Comments:0 | Tags:INDUSTRY INSIGHTS SCADA / ICS

DoS Vulnerabilities Found in Rockwell's FactoryTalk Linx and RSLinx Classic Products

Researchers have discovered vulnerabilities that expose Rockwell Automation’s FactoryTalk Linx and RSLinx Classic products to denial-of-service (DoS) attacks.According to an advisory published by Rockwell late last month, researchers from cybersecurity firm Tenable discovered a total of four DoS vulnerabilities, three affecting FactoryTalk Linx and one impac
Publish At:2021-01-08 14:41 | Read:155 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Vulnerabilities

Dragos Hires Former PepsiCo Deputy CISO Steve Applegate

Industrial cybersecurity firm Dragos has hired Steve Applegate, former VP and Deputy CISO at PepsiCo, as Chief Information Security Officer (CISO).The cybersecurity veteran took to LinkedIn this week to share the news. “I’m very excited to announce that I’ve joined the Dragos team! I’ve been watching this exciting company for many years, as well as benefitin
Publish At:2021-01-06 13:15 | Read:113 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS

Critical Flaws in Kepware Products Can Facilitate Attacks on Industrial Firms

Several critical vulnerabilities have been found by researchers in products from PTC-owned industrial automation solutions provider Kepware.The U.S. Cybersecurity and Infrastructure Security Agency (CISA) last week published two advisories describing vulnerabilities identified in Kepware products.One of the advisories covers three flaws discovered by researc
Publish At:2020-12-23 12:35 | Read:264 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Vulnerabilities

CISA Issues ICS Advisory for New Vulnerabilities in Treck TCP/IP Stack

Security updates available for the Treck TCP/IP stack address two critical vulnerabilities leading to remote code execution or denial-of-service. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory to warn organizations using industrial control systems (ICS) about the risks posed by these flaws.A low-level TCP/IP software
Publish At:2020-12-22 13:11 | Read:254 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Risk Management Vulnerabilit

German Government Backs Bill Requiring 5G Security Pledge

German Chancellor Angela Merkel’s Cabinet approved a bill Wednesday that would require companies involved in setting up critical infrastructure such as high-speed 5G networks to guarantee that their equipment can’t be used for sabotage, espionage or terrorism.The bill, which now goes to parliament, seeks to address concerns that vendors such as Chinese tech
Publish At:2020-12-16 16:47 | Read:170 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY SCADA / ICS Wireless Sec

Securing the New IT/OT Reality

Security Teams Need to Able to Identify and Track Threats That Cross the IT/OT BoundaryThe COVID crisis accelerated the convergence of IT and operational technology (OT) networks. Even enterprises in industries that depend on physical processes – such as manufacturing, food and beverage, pharmaceuticals, oil and gas, and electric utilities – enabled at least
Publish At:2020-12-15 13:29 | Read:97 | Comments:0 | Tags:INDUSTRY INSIGHTS SCADA / ICS

Vast Majority of OT Devices Affected by Urgent/11 Vulnerabilities Still Unpatched

A vast majority of operational technology (OT) devices affected by the Urgent/11 vulnerabilities and many devices impacted by the CDPwn flaws remain unpatched, IoT security firm Armis reported on Tuesday.According to the company, 97% of industrial devices affected by the Urgent/11 vulnerabilities have not been patched. As for the CDPwn bugs, 80% of impacted
Publish At:2020-12-15 09:35 | Read:228 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Vulnerabilities IoT Security

Vulnerability in NI Controller Can Allow Hackers to Remotely Disrupt Production

A potentially serious vulnerability affecting CompactRIO controllers made by NI (National Instruments) could allow hackers to remotely disrupt production processes in an organization, according to researchers.The U.S. Cybersecurity and Infrastructure Security Agency (CISA) last week published an ICS-CERT advisory to inform organizations about a high-severity
Publish At:2020-12-11 15:53 | Read:265 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Vulnerabilities Vulnerabilit

Siemens, Schneider Electric Address Serious Vulnerabilities in ICS Products

Siemens and Schneider Electric on Tuesday informed customers about the availability of patches and mitigations for several potentially serious vulnerabilities affecting their industrial control system (ICS) products.Siemens has released six new advisories and updated 18 previous advisories. The new advisories describe vulnerabilities affecting the company’s
Publish At:2020-12-09 13:11 | Read:153 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Vulnerabilities

Industrial Cybersecurity Firm Dragos Raises $110 Million

Industrial cybersecurity firm Dragos announced on Tuesday that it has raised $110 million in a Series C funding round, which brings the total raised by the company to-date to $158 million.Dragos was founded in May 2016 by Robert M. Lee (CEO), Jon Lavender (CTO) and Justin Cavinee (Chief Data Scientist), former members of the U.S. intelligence community who w
Publish At:2020-12-08 13:47 | Read:156 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS security cyber cybersecurity

Iranian Hackers Access Unprotected ICS at Israeli Water Facility

A group of Iranian hackers recently posted a video showing how they managed to access an industrial control system (ICS) at a water facility in Israel.According to industrial cybersecurity firm OTORIO, the hackers accessed a human-machine interface (HMI) system that was directly connected to the internet without any authentication or other type of protection
Publish At:2020-12-04 12:17 | Read:220 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Virus & Threats Cybercri

Flaws in Rockwell Automation Product Expose Engineering Workstations to Attacks

Vulnerabilities discovered by researchers in Rockwell Automation’s FactoryTalk Linx product can allow attackers to compromise engineering workstations in industrial environments.FactoryTalk Linx, formerly known as RSLinx Enterprise, is a widely used product designed for connecting Allen Bradley programmable logic controllers (PLCs) to Rockwell applications,
Publish At:2020-12-01 14:05 | Read:185 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Vulnerabilities

Tools

Tag Cloud