#Claroty

Researchers Warn of Flaws in Widely Used Industrial Gas Analysis Equipment

by

June 28, 2024 at 04:39AM Multiple security flaws in Emerson Rosemount gas chromatographs, impacting versions 4.1.5 and prior, have been disclosed. Claroty identified command injection, authentication, and authorization vulnerabilities, enabling attackers to execute arbitrary commands and access sensitive information. Emerson has released an updated firmware to address these issues and advises following cybersecurity best practices … Read more

Gas Chromatograph Hacking Could Have Serious Impact: Security Firm

by

June 27, 2024 at 08:33AM Claroty has disclosed vulnerabilities in Emerson’s gas chromatograph, posing serious impact risks. These devices are remotely controlled and connected to internal networks via proprietary protocol. Vulnerabilities include critical command injection and bypassing authentication, with potential for severe industry disruption. CISA and Emerson have issued advisories, recommending firmware updates and network … Read more

Derisking your CNI

by

June 3, 2024 at 05:07AM Join The Reg’s Tim Phillips on 10 June 2024 at 3pm BST/10am EDT/7am PDT to learn about NIS2 requirements, exposure management, and reducing cyber risk with Claroty xDome. Traditional responses and tools may not be enough to address growing cybersecurity risks in critical infrastructure sectors like energy, transport, and water … Read more

Research From Claroty’s Team82 Highlights Remote Access Risks Facing Mission-Critical OT Assets

by

May 24, 2024 at 02:16PM Claroty, a cyber-physical systems (CPS) protection company, has released proprietary data revealing security risks in mission-critical operational technology (OT) assets due to insecure internet connections and known vulnerabilities. To address this, they launched the Claroty xDome Secure Access, which balances secure control and frictionless access for enhanced productivity and reduced … Read more

Critical Vulnerability in Honeywell Virtual Controller Allows Remote Code Execution

by

May 22, 2024 at 07:42AM Claroty disclosed vulnerabilities in Honeywell’s Control Edge Unit Operations Controller found by its researchers. The vulnerabilities in the ControlEdge Virtual UOC industrial automation controller include a critical severity issue allowing arbitrary code execution without authentication, and a medium-severity absolute path traversal issue. Honeywell promptly issued patches and advisories regarding the … Read more

Unpatched Rapid SCADA Vulnerabilities Expose Industrial Organizations to Attacks

by

January 18, 2024 at 11:12AM The Rapid SCADA open source industrial automation platform has seven unpatched vulnerabilities, including critical and high severity ones, allowing hackers to access sensitive industrial systems, execute arbitrary code, and compromise administrator passwords. The developers have not responded to notifications or requests for comment, leaving organizations vulnerable to potential attacks. Based … Read more

Ransomware Attacks on Industrial Orgs Increasingly Impact OT Systems: Survey

by

December 7, 2023 at 07:00AM Claroty’s report reveals that ransomware attacks are increasingly affecting Operational Technology (OT) systems in industrial organizations. Meeting Takeaways: 1. A report by Claroty indicates a rise in ransomware attacks targeting industrial organizations. 2. Operational Technology (OT) systems are increasingly being impacted by these ransomware attacks. 3. These findings have been … Read more

Meeting the challenge of OT security

by

November 1, 2023 at 04:44AM Industrial control systems are increasingly being targeted by cyberattacks, which can have severe consequences such as manufacturing disruptions and data breaches. To address these challenges, UK soft drinks producer Britvic will be discussing their approach to strengthening operational resilience in an upcoming webinar on November 8. Sign up to watch … Read more