Schneider Electric recently patched four vulnerabilities in its U.motion Builder software, including two critical command execution flaws. Advisories have been published by both the vendor and ICS-CERT.
Category Archives: SCADA / ICS
Security Vulnerabilities: A Threat to Automotive Innovation
The pace of innovation within the automotive industry has been breath-taking. Only ten years ago, the very concept of self-driving cars and heavy goods vehicles was still regarded as far-fetched science fiction. Today, they are already a common sight on many roads around the world.
Critical Flaws Expose ABB Door Communication Systems to Attacks
Researchers discovered several critical vulnerabilities in door communication systems made by Switzerland-based industrial tech company ABB. Both patches and workarounds have been made available by the vendor.
Industrial Cybersecurity Firm Claroty Raises $60 Million
New York-based industrial cybersecurity firm Claroty announced on Monday that it raised $60 million in a Series B funding round, bringing the total amount raised by the company to date to $93 million.
Group That Caused Power Outage Stops Focusing Exclusively on Ukraine
Electrum, the Russia-linked hacker group believed to be responsible for the 2016 power outage in Ukraine, no longer focuses exclusively on this country, according to industrial cybersecurity firm Dragos.
VPNFilter Targets More Devices Than Initially Thought
Interconnectivity Has Put ICS Environments in Cyber Risk Crosshairs
Tell any IT professional that the computer running the electrical grid has not been updated in 20 years, or that the machine that controls operations in the bottling plant was last tuned up when Y2K was still being planned, and they will look at you like you are crazy. They simply will not believe you. Why?
Cyber Range Developer Cyberbit Raises $30 Million
Israel-based Cyberbit Ltd., a provider of cyber range training and simulation platforms, announced on Monday that it has received a $30 million investment from Claridge Israel.
Hardcoded Credentials Expose Yokogawa Controllers to Attacks
Japanese electrical engineering company Yokogawa has released firmware updates for its STARDOM controllers to address a critical vulnerability that can be exploited remotely to take control of the device.
North Korea-Linked Group Stops Targeting U.S.
A threat actor linked to North Korea’s Lazarus Group has stopped targeting organizations in the United States, but remains active in Europe and East Asia.
The War Few Are Talking About
There is a growing war among nations and the potential victims may not even know they are targeted as pawns in a larger geopolitical game. This war is not being fought openly with the same territorial expansion objectives of conventional 20th century warfare or with the threat of mutually assured annihilation from the Cold War. Rather, it is being waged just below the threshold of armed conflict to advance geopolitical agendas. Now that I have your attention, let me explain.
FBI Attribution of ‘VPNFilter’ Attack Raises Questions
Information shared by the FBI on the massive VPNFilter attack in which more than half a million devices have been compromised raises some interesting questions about the connection between Russia-linked hacker groups.
Flaw in Schneider PLC Programming Tool Allows Remote Attacks
Schneider Electric this week announced that an update for its EcoStruxure Machine Expert product patches a high severity vulnerability that can be exploited remotely to obtain sensitive data.
Everybody reboot! VPNFilter Malware infects 500k Routers
Newly discovered malicious software dubbed VPNFilter has infected hundreds of thousands of routers and network attached storage (NAS) devices globally and could be used to steal sensitive data or wipe out (“brick”) the devices, the company said. Cisco’s Talos research group warned on Wednesday that newly discovered malware,...
Related Stories
Hackers Behind ‘Triton’ Malware Attack Expand Targets
The threat group responsible for the recently uncovered attack involving a piece of malware known as Triton, Trisis and HatMan is still active, targeting organizations worldwide and safety systems other than Schneider Electric’s Triconex.
GRIMM Opens Security Research Lab for ICS, Connected Vehicles
Cybersecurity research and engineering firm GRIMM has opened a new Grand Rapids, MI-based cybersecurity research lab. GRIMM provides security consulting, engineering and research services, including vulnerability research/testing and security training, to both government agencies and private sector enterprises.
Massive Russia-Linked Botnet Raises Concerns of New Attack on Ukraine
Vulnerabilities Found in RTUs Used by European Energy Firms
Several critical and high severity vulnerabilities have been found in remote terminal unit (RTU) modules designed for the energy sector and used in various European countries.
Critical Flaws Patched in Phoenix Contact Industrial Switches
Several vulnerabilities, including ones rated critical and high severity, have been patched in industrial ethernet switches made by Phoenix Contact, a Germany-based company that specializes in industrial automation, connectivity and interface solutions.
‘Chrysene’ Group Targets ICS Networks in Middle East, UK
A threat actor with ties to hacker groups believed to be operating out of Iran has been targeting the industrial networks of organizations in the Middle East and the United Kingdom.
U.S. Energy Department Unveils Multiyear Cybersecurity Plan
The U.S. Department of Energy this week announced its strategy to reduce cyber risks in the energy sector and outlined its goals, objectives and activities for the next five years.
Severe DoS Flaw Discovered in Siemens SIMATIC PLCs
Siemens informed customers on Tuesday that some of its SIMATIC S7-400 CPUs are affected by a high severity denial-of-service (DoS) vulnerability.
Security Gaps Remain as OT, IT Converge
The accelerating digitization of business, driven by compelling commercial arguments, is driving the integration of new information technology (IT) networks with older operational technology (OT) networks. This is introducing new security risks to old technology and old technology practices -- and where the OT is driving a critical manufacturing plant, the new risk is from nation-state actors as well as traditional cyber criminals.