Both IT and OT Teams Should be Able to Quickly Access and Analyze all Data Relevant to Their Needs
Category Archives: SCADA / ICS
Rockwell Automation to Patch Publicly Disclosed Power Monitor Flaws
Rockwell Automation is working on patches for two vulnerabilities affecting its Allen-Bradley PowerMonitor 1000 products. Details of the flaws have been public since November 2018.
Many ICS Vulnerability Advisories Contain Errors: Report
Roughly one-third of the ICS-specific vulnerability advisories published in 2018 contained basic factual errors, including when describing and rating the severity of a flaw, according to the 2018 Year in Review report published on Thursday by industrial cybersecurity firm Dragos.
Refrigeration Systems Used by Supermarkets, Hospitals Left Exposed Online
Thousands of instances of a temperature control system are exposed to remote attacks from the internet due to users’ failure to change default passwords and implement other security measures.
Study Analyzes Challenges, Concerns for IT/OT Convergence
A survey conducted by the Ponemon Institute on behalf of security solutions provider TUV Rheinland OpenSky analyzes the security, safety and privacy challenges and concerns related to the convergence between information technology (IT), operational technology (OT), and industrial internet of things (IIoT).
5 New Year’s Resolutions for Your IoT Security Strategy
A new year has arrived, and with it comes the opportunity to make all kinds of transformations to help your business. No matter how you navigated the dangerous threat landscape during the past years, it’s time for all of us in operational technology (OT) security to make firm decisions to do or not do something for the safety of our business and environment.
U.S. Intel Community: Russia, China Can Disrupt Critical Infrastructure
Russia and China are capable of disrupting critical infrastructure in the United States, and Iran is not far behind, according to the Worldwide Threat Assessment made public by the U.S. intelligence community on Tuesday.
Flaws Expose Phoenix Contact Industrial Switches to Attacks
The latest firmware updates released by Phoenix Contact for its FL SWITCH industrial ethernet switches address a total of six vulnerabilities that can be exploited to obtain credentials for the web interface, conduct unauthorized activities, cause a denial-of-service (DoS) condition, and launch man-in-the-middle (MitM) attacks.
U.S. Senators Voice Cyber Concerns Over China-Made Metro Rail Cars
A group of United States Senators have written a letter to the Washington Metropolitan Area Transit Authority (WMATA) to express safety and security concerns regarding the acquisition of metro rail cars built by a Chinese company.
Flaws in Moxa IIoT Product Expose ICS to Remote Attacks
Serious vulnerabilities found in an industrial IoT (IIoT) platform from Moxa could enable malicious hackers to launch remote attacks on industrial networks. The vendor has released a patch that should address the flaws.
How the Secure Development Lifecycle Can Help Protect IIoT Deployments
It’s Not Enough to Assume a Vendor Has Done Its Job When it Comes to Securing IIoT Devices
Serious Flaws Found in ControlByWeb Industrial Weather Station
Researchers have discovered two potentially serious vulnerabilities in an industrial-grade weather station made by ControlByWeb, a company that specializes in products that allow organizations to remotely monitor and control electrical devices.
Sensor-y Overload: Cyber Risk and the Merrimack Valley Gas Explosions
Let's be clear: the natural gas explosions that rocked the Merrimack Valley north of Boston in September weren't the result of a cyber attack. Unfortunately: well known vulnerabilities affecting the security of remote sensors and industrial control system software mean they easily could have been.
The post Sensor-y Overload: Cyber Risk and the...