HackDig : Dig high-quality web security articles for hacker

Critical buffer overflow in CODESYS allows remote code execution

Experts discovered an easily exploitable heap-based buffer overflow flaw, tracked as CVE-2020-10245, that exists in the CODESYS web server. A critical heap-based buffer overflow flaw in a web server for the CODESYS automation software for engineering control systems could be exploited by a remote, unauthenticated attacker to crash a server or execute arbi
Publish At:2020-03-28 12:22 | Read:230 | Comments:0 | Tags:Breaking News Hacking ICS-SCADA buffer overflow CODESYS heap

Talos found tens of dangerous flaws in WAGO Controllers

Cisco Talos experts discovered tens of flaws in WAGO products that expose controllers and human-machine interface (HMI) panels to remote attacks. Talos and Germany’s VDE CERT this week published advisories describing roughly 30 vulnerabilities identified in devices made by WAGO, a German company specializing in electrical connection and automation solutio
Publish At:2020-03-12 05:39 | Read:319 | Comments:0 | Tags:Breaking News Hacking ICS-SCADA ICS it security it security

Dragos Report: Analysis of ICS flaws disclosed in 2019

More than 400 flaws affecting industrial control systems (ICS) were disclosed in 2019; more than 100 were zero-day vulnerabilities. According to a report published by Dragos, the experts analyzed 438 ICS vulnerabilities that were reported in 212 security advisories; 26% of the advisories are related to zero-day flaws. The experts determined 116 unique type
Publish At:2020-02-21 02:30 | Read:310 | Comments:0 | Tags:Breaking News ICS-SCADA Reports Hacking hacking news ICS inf

Navigating ICS Security: Having your Action Plan Ready

Trust, respect, understanding. These are all two-way relationships that must be earned over time. Whilst someone being hired in a senior position will likely already have a certain level of each, part of your job is to continuously cultivate all three of these elements with colleagues no matter your grade. When working within a cybersecurity practice, it is
Publish At:2020-02-09 10:22 | Read:142 | Comments:0 | Tags:ICS Security CMA ics OT

Survey: 93% of ICS Pros Fear Digital Attacks Will Affect Operations

Digital attackers are increasingly targeting industrial environments these days. Take manufacturing organizations, for instance. Back in late-August, FortiGuard Labs discovered a malspam campaign that had targeted a large U.S. manufacturing company with a variant of the LokiBot infostealer family. It wasn’t long thereafter when Bloomberg reported on the effo
Publish At:2019-10-18 10:10 | Read:546 | Comments:0 | Tags:ICS Security experts ics Industrial Survey

What is NEI 08-09?

Most organizations with industrial control systems (ICS) fall into one of two categories: regulated and non-regulated. For those subject to government-imposed regulatory requirements, the selection of a cybersecurity framework is obviously compelling. Such is the case with the nuclear energy industry and NEI 08-09. The nuclear energy industry is one of the sa
Publish At:2019-10-18 10:10 | Read:543 | Comments:0 | Tags:ICS Security Regulatory Compliance ics NEI 08-09 nuclear

Threat Landscape for Industrial Automation Systems in H1 2017

Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) publishes the results of its research on the threat landscape for industrial automation systems for the first six months of 2017. All statistical data used in this report was collected using the Kaspersky Security Network (KSN), a distributed antivirus network. Th
Publish At:2017-09-28 17:00 | Read:3531 | Comments:0 | Tags:Featured Industrial threats ICS Industrial control systems i

Microsoft Attempts To Fix Stuxnet For The Third Time

Microsoft released a new security update on June 17th in an attempt to patch a vulnerability which allowed the Stuxnet virus to exploit Windows systems. The Stuxnet virus, which attacks Industrial Control Systems, was first discovered in 2010 when it infected Iranian Programmable Logic Controllers. Stuxnet compromises controllers by first targeting Windows op
Publish At:2017-08-04 21:15 | Read:3392 | Comments:0 | Tags:Breaking News Hacking CVE-2017-8464 ICS industrial control s

Experts spotted Industroyer ICS Malware and linked it to Ukraine Power Outage

Researchers at antivirus firm ESET have discovered a new strain of malware, dubbed Industroyer, that appears to have been designed to target power grids. The experts published a detailed analysis of the malware and speculated that the malicious code was involved in the December 2016 attack on an electrical substation in Ukraine. “Win32/Industroyer is
Publish At:2017-06-13 07:40 | Read:4557 | Comments:0 | Tags:APT Breaking News Hacking Malware BlackEnergy CRASHOVERRIDE

ICS Companies Are Worried About Cybersecurity, But Are They Worried About the Right Things?

Companies operating Industrial Control Systems (ICS) have a special set of challenges to deal with. Which is the state of the art? The equipment was expected to be installed and left alone for a long time. Pressures to reduce operating costs led to this equipment being connected, and the easiest networking equipment to find was designed for convenience in a
Publish At:2017-06-13 07:40 | Read:4727 | Comments:0 | Tags:Breaking News Hacking Reports authentication cyber security

Compromising Industrial Robots: The Fallacy of Industrial Routers in the Industry 4.0 Ecosystem

The increased connectivity of computer and robot systems in the Industry 4.0 ecosystem is exposing, and will continue to expose, robots to cyber attacks. Indeed, industrial robots—originally conceived to be isolated—have evolved, and are now exposed to corporate networks and the internet. While this provides synergy effects and higher efficiency in production
Publish At:2017-05-03 20:40 | Read:4689 | Comments:0 | Tags:Internet of Things ICS industrial robot industrial security

ClearEnergy ransomware can destroy process automation logics in critical infrastructure, SCADA and industrial control sy

Schneider Electric, Allen-Bradley, General Electric (GE) and more vendors are vulnerable to ClearEnergy ransomware. Researchers at CRITIFENCE® Critical Infrastructure and SCADA/ICS Cyber Threats Research Group demonstrated this week a new proof-of-concept ransomware attack aiming to erase (clear) the ladder logic diagram in Programmable Logic Controlle
Publish At:2017-04-16 11:35 | Read:6476 | Comments:0 | Tags:Critical Infrastructures Cyber Security Cyber Security Resea

Threat Landscape for Industrial Automation Systems, H2 2016

The Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) is starting a series of regular publications about our research devoted to the threat landscape for industrial organizations. All statistical data used in the report was obtained using Kaspersky Security Network (KSN), a distributed antivirus network. Data was
Publish At:2017-03-28 07:05 | Read:3980 | Comments:0 | Tags:Analysis Featured Publications ICS Industrial control system

3 Trends in Support of a More Nuanced Approach to ICS Security

The security community has seen multiple high-profile incidents targeting industrial control systems (ICS) over the past few years. No one can forget Christmas 2015, when a threat actor linked to the Russian government sent spear-phishing emails to the Western Ukrainian power company Prykarpattyaoblenergo. Those messages were laced with BlackEnergy, a form of
Publish At:2017-03-27 12:15 | Read:5430 | Comments:0 | Tags:Featured Articles ICS Security ics malware security

Malware posing as Siemens PLC application is targeting ICS worldwide

Findings of the MIMICS project conducted by Dragos Threat Operations Center show that malware posing as a Siemens PLC application is targeting ICS worldwide. After the disclosure of the Stuxnet case, the security industry started looking at ICS malware with increasing attention. Malware that infects an industrial control system could cause serious damage and p
Publish At:2017-03-26 01:15 | Read:4133 | Comments:0 | Tags:Breaking News Hacking Malware BlackEnergy Havex ICS malware
