HackDig : Dig high-quality web security articles for hackers

CISA Named Top-Level Root CVE Numbering Authority

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has been named a Top-Level Root CVE Numbering Authority (CNA) and it will be overseeing CNAs that assign CVE identifiers for vulnerabilities in industrial control systems (ICS) and medical devices.CNAs are responsible for issuing CVE identifiers for vulnerabilities found in their own or third-p
Publish At:2020-09-17 07:54 | Read:111 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Vulnerabilities Management &

Nozomi Networks Becomes CVE Numbering Authority

Nozomi Networks, a company that specializes in the security of OT and IoT systems, on Tuesday announced that it has become a Common Vulnerabilities and Exposures (CVE) Numbering Authority (CNA).As a CNA, the company will be able to assign CVE identifiers to vulnerabilities found in its own products or in third-party IoT and industrial products that are not c
Publish At:2020-09-16 12:22 | Read:45 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Vulnerabilities Management &

ICS Vendors Release Advisories for CodeMeter Vulnerabilities

Several major industrial control system (ICS) vendors have released security advisories in response to the recently disclosed vulnerabilities affecting the CodeMeter licensing and DRM solution made by Germany-based Wibu-Systems.CodeMeter provides license management capabilities and it’s designed to protect software against piracy and reverse engineering. It’
Publish At:2020-09-11 15:02 | Read:129 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Risk Management Vulnerabilit

Vulnerabilities in CodeMeter Licensing Product Expose ICS to Remote Attacks

Vulnerabilities affecting CodeMeter, a popular licensing and DRM solution made by Germany-based Wibu-Systems, can expose industrial systems to remote attacks, industrial cybersecurity company Claroty warned on Tuesday.CodeMeter is designed to protect software against piracy and reverse engineering, it offers licensing management capabilities, and it includes
Publish At:2020-09-08 16:38 | Read:196 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Vulnerabilities

Cybersecurity: An All-Encompassing Organizational Responsibility

Organizations Must Establish a Culture of Rresilience With Strategies That Are Independent, Measurable and UsableToday, the digital world is propelling connectivity and data growth to new heights. While their associated capabilities and information can give organizations a competitive advantage, these ever-evolving technologies can also expose critical infra
Publish At:2020-08-25 12:42 | Read:230 | Comments:0 | Tags:INDUSTRY INSIGHTS SCADA / ICS Risk Management security cyber

Over 70% of ICS Vulnerabilities Disclosed in First Half of 2020 Remotely Exploitable

Over 70% of the industrial control system (ICS) vulnerabilities disclosed in the first half of 2020 were remotely exploitable through a network attack vector, industrial cybersecurity company Claroty reported on Wednesday.Claroty has analyzed the 365 ICS flaws added to the National Vulnerability Database (NVD) and 385 vulnerabilities covered in advisories pu
Publish At:2020-08-19 15:49 | Read:256 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Vulnerabilities exploit

NSA and CISA Alert Highlights Urgency for OT Security

In the last few years, we’ve seen ample evidence of how cyberattacks on critical infrastructure can be leveraged by nation-states and other powerful adversaries as weapons in geopolitical conflicts. The attacks on the Ukraine power grid and several other incidents demonstrated a show of power and how a country’s infrastructure can be disrupted. The indiscrim
Publish At:2020-08-18 08:58 | Read:243 | Comments:0 | Tags:INDUSTRY INSIGHTS SCADA / ICS

Radiflow Launches Industrial Risk Analysis Platform

Industrial cybersecurity solutions provider Radiflow recently announced the launch of an automated risk analysis platform for industrial automation and control systems.Named CIARA (Cyber Industrial Automated Risk Analysis), the solution is now generally available after some of Radiflow’s customers tested the beta version. CIARA is a cloud-based service that
Publish At:2020-08-17 13:41 | Read:186 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Risk Management Management &

ICS Cyber Security Conference Call for Presentations Extended to August 31, 2020

The official Call for Presentations (speakers) for SecurityWeek’s 2020 Industrial Control Systems (ICS) Cyber Security Conference, being held October 19 – 22, 2020 in SecurityWeek’s Virtual Conference Center, has been extended to August 31st.As the premier ICS/SCADA cyber security conference, the event was originally scheduled to take place at the InterConti
Publish At:2020-08-12 12:44 | Read:228 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS

Black Hat Wrap-Up: IoT and Hardware Vulnerabilities Take the Spotlight

The first entirely virtual edition of the Black Hat cybersecurity conference took place last week and researchers from tens of organizations presented the results of their work from the past year.Some of the most interesting presentations focused on vulnerabilities affecting industrial, IoT, hardware and web products, but a few of the talks covered endpoint
Publish At:2020-08-10 15:17 | Read:291 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY SCADA / ICS Vulnerabil

Vulnerabilities in Protocol Gateways Can Facilitate Attacks on Industrial Systems

Vulnerabilities found in protocol gateway devices can facilitate stealthy attacks on industrial systems, enabling threat actors to obtain valuable information and sabotage critical processes.Protocol gateways are small devices designed to ensure that various types of IT and OT devices can communicate with each other even if they use different protocols. For
Publish At:2020-08-05 09:38 | Read:192 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Vulnerabilities

High-Wattage IoT Botnets Can Manipulate Energy Market: Researchers

A team of researchers from the Georgia Institute of Technology has demonstrated how, in theory, a malicious actor could manipulate the energy market using a botnet powered by high-wattage IoT devices.Most botnets are powered by devices such as routers, cameras and DVRs. However, researchers from Princeton University warned a few years ago that threat actors
Publish At:2020-08-05 01:55 | Read:211 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Virus & Threats IoT Secu

Legacy Programming Languages Pose Serious Risks to Industrial Robots

Researchers at the Polytechnic University of Milan and cybersecurity firm Trend Micro have analyzed some of the most popular industrial programming languages and showed how they can open the door to attacks against robots and other programmable manufacturing machines. They have developed a worm to demonstrate the severity of their findings.The researchers an
Publish At:2020-08-04 10:28 | Read:294 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Virus & Threats Vulnerab

Hackers Could Target Organizations via Flaws in Mitsubishi Factory Automation Products

High-severity vulnerabilities found by researchers in Mitsubishi Electric factory automation products can be exploited to remotely attack organizations.According to advisories published last week by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), tens of factory automation products from Mitsubishi Electric are affected by three flaws that c
Publish At:2020-08-03 15:10 | Read:289 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Vulnerabilities

Industrial Systems Can Be Hacked Remotely via VPN Vulnerabilities

Vulnerabilities discovered by researchers in VPN products primarily used for remote access to operational technology (OT) networks can allow hackers to compromise industrial control systems (ICS) and possibly cause physical damage.Researchers from industrial cybersecurity company Claroty have identified potentially serious vulnerabilities in Secomea GateMana
Publish At:2020-07-28 16:19 | Read:208 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Vulnerabilities

Tools

Tag Cloud