Iranian Hackers Use IOCONTROL Malware to Target OT, IoT Devices in US, Israel

December 13, 2024 at 06:03AM

A state-sponsored Iranian hacking group, CyberAv3ngers, has employed custom malware, IOCONTROL, to target IoT and operational technology devices in the U.S. and Israel. This malware exploits vulnerabilities in industrial control systems, leading to significant disruptions. The U.S. government offers a $10 million reward for information on the group. ### Meeting …

ICS Security: 145,000 Systems Exposed to Web, Many Industrial Firms Hit by Attacks

November 21, 2024 at 08:37AM

Censys reports over 145,000 internet-exposed industrial control systems (ICS) across 175 countries, with 38% in North America. The U.S. has 48,000 such systems. Many are vulnerable human-machine interfaces, particularly in water and agriculture sectors. Additionally, a Kaspersky survey reveals 90% of UK industrial firms faced cyberattacks, highlighting significant security concerns. …

Incident Response, Anomaly Detection Rank High on Planned ICS Security Spending

November 12, 2024 at 07:05AM

The SANS State of ICS/OT Cybersecurity 2024 report reveals insights from 530 professionals on current and planned technologies in critical infrastructure. Key current technologies include access controls and backup tools, while future focus areas include ICS-specific training and metrics. Increasing investment in less-deployed technologies like SBOM and SOAR is noted. …

Attackers Breach IT-Based Networks Before Jumping to ICS/OT Systems

November 6, 2024 at 08:06AM

The SANS 2024 report reveals a rise in attacks on industrial control systems, with 74.4% of incidents being non-ransomware related. Key attack vectors include remote services and supply chain compromises. While ransomware incidents are relatively low (12%), their impact on ICS/OT environments remains severe, affecting reliability and safety. **Meeting Takeaways: …

PLCHound Aims to Improve Detection of Internet-Exposed ICS

November 6, 2024 at 04:54AM

Georgia Tech researchers created PLCHound, an AI algorithm designed to enhance the detection of internet-exposed Industrial Control Systems (ICS). This advancement aims to improve security measures in identifying vulnerable systems online. The announcement was featured in a post on SecurityWeek.

**Meeting Notes Takeaways:**

1. **Project Overview:** Georgia Tech researchers have …

Siemens and Rockwell Tackle Industrial Cybersecurity, but Face Customer Hesitation 

November 4, 2024 at 05:07AM

Siemens and Rockwell Automation are enhancing cybersecurity for industrial organizations, yet face challenges in encouraging customers to install security systems and upgrade their Industrial Control Systems (ICS).

**Meeting Takeaways:**

1. **Collaboration on Cybersecurity**: Siemens and Rockwell Automation are actively working together to enhance cybersecurity measures in industrial organizations.
2. **Challenges …

Organizations Faster at Detecting OT Incidents, but Response Still Lacking: Report

October 18, 2024 at 06:01AM

SANS’ 2024 State of ICS/OT Cybersecurity report highlights insights from over 530 professionals in critical infrastructure. It reveals that organizations are improving in detecting OT incidents more quickly, yet their response capabilities remain inadequate.

### Meeting Takeaways:

1. **Publication**: SANS has released the 2024 State of ICS/OT Cybersecurity report.
2. …

Remote Code Execution, DoS Vulnerabilities Patched in OpenPLC

September 26, 2024 at 11:13AM

Cisco Talos disclosed critical and high-severity vulnerabilities in OpenPLC, an open source programmable logic controller designed for industrial automation and research. These can be exploited for DoS attacks and remote code execution using specially crafted EtherNet/IP requests. The vulnerabilities were patched on September 17, and users are advised to update …

Cisco Patches High-Severity Vulnerabilities in IOS Software

September 26, 2024 at 09:19AM

SecurityWeek Network offers cybersecurity news, webcasts, and virtual events. It covers various topics such as malware, cyberwarfare, data breaches, ransomware, and more. It also provides information on security operations, threat intelligence, incident response, and risk management. Additionally, it features sections on CISO strategy, industrial cybersecurity, funding, and M&A in cybersecurity. …

Israeli Group Claims Lebanon Water Hack as CISA Reiterates Warning on Simple ICS Attacks

September 26, 2024 at 07:55AM

The US cybersecurity agency CISA warns of unsophisticated hacks on industrial control systems (ICS) and operational technology. Red Evil hacktivist group claimed to have compromised water systems used by Hezbollah, making exaggerated claims of control. However, an expert believes this is more likely an influence/misinformation operation. CISA also issued a …