February 13, 2024 at 07:39AM In February 2024, Siemens and Schneider Electric released 18 new security advisories for ICS Patch Tuesday. Siemens addressed 270 vulnerabilities as part of this release, as reported by SecurityWeek. It seems like you’ve shared a snippet of meeting notes or a news article related to cybersecurity. Is there a specific … Read more
November 14, 2023 at 09:27AM Siemens and Schneider Electric have released their Patch Tuesday advisories for November 2023, addressing a total of around 90 vulnerabilities in their products. Siemens has informed customers about vulnerabilities in several of their devices and software, with some being critical and high-severity. Siemens plans to release patches for most of … Read more
November 1, 2023 at 08:49AM MITRE has released version 14 of its ATT&CK knowledge base, which includes improvements in detections, industrial control systems (ICS), and mobile. This version covers 760 software pieces, 143 activity clusters, and 24 campaigns across enterprise, mobile, and ICS. Notable updates include expanded detection notes and analytics, technique alignments to data … Read more
October 25, 2023 at 09:21AM SecurityWeek’s 2023 ICS Cybersecurity Conference in Atlanta continues today with industrial cybersecurity stakeholders gathering for Day 2. Highlights include an interactive tabletop exercise for incident response, discussions on converging IT/OT security operations, assessing insider threats, securing industrial wireless infrastructure, emulating adversary actions, quantum computing’s impact on OT security, and using … Read more
October 17, 2023 at 09:30AM Weintek’s cMT HMI product has been found to have critical vulnerabilities that could be exploited by attackers. The vulnerabilities allow anonymous users to bypass authentication and execute arbitrary commands. If all vulnerabilities are combined, an attacker could gain full control of the HMI system. Weintek has released patches for affected … Read more
October 17, 2023 at 07:12AM The National Security Agency has released a repository called Elitewolf on GitHub, which contains intrusion detection signatures and analytics for hunting malicious activity in industrial control systems and operational technology environments. The release is in response to increased cyber activity targeting critical infrastructure and aims to help organizations implement continuous … Read more