With the acceleration of digital transformation and convergence of IT and operational technology (OT) networks, Internet of Things (IoT) and Industrial IoT (IIoT) devices are becoming essential tools for companies in sectors including oil and gas, energy, utilities, manufacturing, pharmaceuticals, and food and beverage. Whether optimizing individual processe
Industrial automation giant Rockwell Automation on Thursday informed customers that it has patched nine critical vulnerabilities in its FactoryTalk AssetCentre product.The vulnerabilities were discovered by researchers at industrial cybersecurity firm Claroty and they were addressed by the vendor with the release of AssetCentre v11. Previous versions are imp
A top Biden administration official says the government is undertaking a new effort to help electric utilities, water districts and other critical industries protect against potentially damaging cyberattacks.“Our aim is to ensure that control systems serving 50,000 or more Americans have the core technology to detect and block malicious cyber activity,” Anne
Cyber Incident and Texas Storms Will Delay Between 1.8 and 2.0 Million Hectoliters of Beer Production and ShipmentsBrewing giant Molson Coors said that a disruptive cyberattack, combined with winter storms in Texas, could cost the company upwards of $140 million in short-term EBITDA.The maker of popular beer brands in the U.S., including Coors Light, Miller
Cybersecurity firm Kaspersky observed a drop in ransomware attacks on industrial control system (ICS) computers in the second half of 2020, but it saw an increase in these types of attacks in developed countries.According to the company’s Industrial Control System Threat Landscape report for H2 2020, globally, the percentage of ICS computers targeted with ra
A cybersecurity researcher who specializes in industrial control systems (ICS) has identified three types of critical vulnerabilities in products made by human-machine interface (HMI) manufacturer Weintek.The Taiwan-based vendor’s products are used worldwide. The company has posted a technical advisory instructing customers to install available patches and t
UK-based industrial automation company Ovarro recently patched a series of vulnerabilities in its TBox remote terminal units (RTUs). Cybersecurity experts say these flaws could pose a serious risk to organizations.Ovarro’s TBox RTUs are described by the vendor as a remote telemetry solution for remote automation and monitoring of critical assets. These devic
A newly published report form the U.S. Government Accountability Office (GAO) describes the risks of cyber-attacks on the electricity grid’s distribution systems, along with the scale of the potential impact of such attacks.Following a performance audit conducted between September 2019 and March 2021, GAO has discovered that the electricity grid's distributi
Organizations using Universal Relay (UR) products made by GE’s Grid Solutions have been informed this week that many of the devices in this product line are affected by nearly a dozen vulnerabilities.Grid Solutions is a GE Renewable Energy business that provides electricity management solutions for the energy sector, including oil and gas, as well as industr
We have been talking about the need for fully integrated security platforms more than 20 years. Yet, each time a new security challenge emerges, hundreds of vendors rush to provide a targeted solution for that specific threat. The result is a disconnected collection of technologies and tools that CISOs and their security teams struggle to use in an efficient
Cyberattack Against Molson Coors Impacts Brewery Operations, Production, and ShipmentsThe wave of big-name companies falling victim to disruptive malware attacks is showing no signs of slowing down with beverage conglomerate Molson Coors Beverage Company announcing on Thursday that it was recovering from an incident that severely disrupted its production ope
Industrial cybersecurity firm Claroty this week disclosed technical details for two potentially serious vulnerabilities affecting PowerLogic smart meters made by Schneider Electric.PowerLogic is a line of revenue and power quality meters that are used not only by utilities, but also industrial companies, healthcare organizations, and data centers for monitor
Siemens on Tuesday published 12 new security advisories to inform customers about nearly two dozen vulnerabilities affecting its products.Half of the new advisories cover vulnerabilities in third-party components. One of these advisories is related to AMNESIA:33, a collection of vulnerabilities discovered recently in open source TCP/IP stacks. Siemens has be
A mysterious cybercrime group apparently driven by profit has been targeting industrial organizations in Europe, Asia and North America as part of an information theft campaign.The campaign was detailed in September 2020 by cybersecurity firm Zscaler, which warned at the time that the hackers had been targeting oil and gas supply chain industries in the Midd
Industrial organizations have been warned this week that a critical authentication bypass vulnerability can allow hackers to remotely compromise programmable logic controllers (PLCs) made by industrial automation giant Rockwell Automation.The vulnerability, tracked as CVE-2021-22681 with a CVSS score of 10, was independently reported to Rockwell by researche