Security alert for vulnerabilities in Siemens PLCs

Siemens has issued a security alert about the company’s Simatic S7-1500 programmable logic controllers (PLCs) after security researchers at Positive Technologies reported “serious vulnerabilities” that exposed industrial processes to denial-of-service (DoS) attacks. The researchers warn that, left unpatched, the vulnerabilities can be exploited by cyber Read More …

Siemens Patches Firewall Flaw That Put Operations at Risk

The industrial company on Tuesday released mitigations for eight vulnerabilities overall. Siemens AG on Tuesday issued a slew of fixes addressing eight vulnerabilities spanning its industrial product lines. The most serious of the patched flaws include a cross-site scripting vulnerability Read More …

Researchers find Stuxnet, Mirai, WannaCry lurking in industrial USB drives

Removal storage and USB thumb drives are a serious security incident waiting to happen, new research suggests. When we consider threats to our industrial systems, specifically crafted malware, such as the Industroyer strain which cut off the power to the city of Read More …

Thousands of critical energy and water systems exposed online for anyone to exploit

While you likely don’t stop to think about water or energy industries when you grab a drink of water or flip on the lights, you would definitely notice if your electricity or water stopped working. You might not know why Read More …

GreyEnergy: New malware campaign targets critical infrastructure companies

The hacking group which took down Ukrainian power grids is systematically targeting critical infrastructure in Ukraine and beyond in what security researchers believe could be cyber espionage and reconnaissance ahead of future attacks. Dubbed GreyEnergy by researchers at ESET, the group Read More …

How Shodan helps identify ICS cybersecurity vulnerabilities

An industrial control system is essentially a collection of computers that monitor and control industrial systems. They make the world move and help with everything from food processing to transportation to running the espresso maker at your local Starbucks. The Read More …

Plague of the Cyber RATs: How a toxic computer code delivered by ‘Remote Access Trojans’ is an invisible army able to take over a petrochemical plant

On a broiling day last August, managers of a huge petrochemical plant in Saudi Arabia discovered to their horror that it had been attacked. The consequences could have been catastrophic: the invaders had seized command of its computerised control-and-safety system, and had Read More …

Water Utility in Europe Hit by Cryptocurrency Malware Mining Attack

Unauthorized crytocurrency mining attacks, sometimes referred to as “cryptojacking” have found a new target – operational technology used in critical industrial infrastructure. Security firm Radiflow, discovered that cryptocurrency mining malware was found in the network of a water utility provider Read More …