ICS Patch Tuesday: Security Advisories Released by CISA, Schneider, Siemens, Rockwell

November 13, 2024 at 07:21AM CISA, Schneider Electric, Siemens, and Rockwell Automation have issued security advisories for November 2024’s Patch Tuesday, focusing on vulnerabilities in industrial control systems. The information was reported by SecurityWeek.

**Meeting Takeaways:**

1. **Participants:** CISA, Schneider Electric, Siemens, and Rockwell Automation.
2. **Key Event:** November 2024 Patch Tuesday security advisories have …

SANS Institute Unveils Critical Infrastructure Strategy Guide for 2024: A Call to Action for Securing ICS/OT Environments

August 30, 2024 at 02:42AM The SANS Institute has released a guide, “ICS Is the Business,” by Dean Parsons. It addresses the increasing need for ICS security in the face of a 50% rise in ransomware attacks in 2023. The guide emphasizes the critical steps organizations must take to safeguard their operations and ensure public …

ICS/OT Security Firms Announce Product Updates

August 29, 2024 at 04:42AM Two major ICS/OT security firms made product announcements: Dragos released a platform to streamline threat and vulnerability workflows, enhancing asset inventory capabilities, and adding customizable filters for efficient asset data management. Nozomi Networks collaborated with Mandiant to enhance its threat intelligence and announced Vantage Threat Cards for quick access to …

Over 40,000 Internet-Exposed ICS Devices Found in US: Censys

August 7, 2024 at 03:06PM An analysis by Censys revealed over 40,000 internet-exposed industrial control systems (ICS) in the US, with challenges in notifying owners. The majority are linked to building control and automation, and low-level automation protocols are mainly in wireless and consumer networks. Risks include unauthenticated manipulation and targeting by threat actors. Notifying …

FrostyGoop ICS Malware Left Ukrainian City’s Residents Without Heating

July 23, 2024 at 06:27AM Industrial cybersecurity firm Dragos recently disclosed details on FrostyGoop, a new malware impacting industrial control systems (ICS). The malware was used in an attack in January 2024, resulting in a disruption to a municipal district energy company in Lviv, Ukraine. This incident caused a loss of heating for residents and …

Novel ICS Malware Sabotaged Water-Heating Services in Ukraine

July 23, 2024 at 05:05AM A new malware called FrostyGoop has been linked to an attack in January 2024 that disrupted heating services in 600 apartments in Lviv, Ukraine. This malware allows attackers to interact with industrial control systems using the Modbus protocol. The attack involved sending unauthorized commands to heating system controllers, resulting in …

Prevalence and Impact of Password Exposure Vulnerabilities in ICS/OT 

June 14, 2024 at 03:00AM Password exposure vulnerabilities in industrial control systems and operational technology pose significant risks. Hackers have targeted ICS systems using weak and default passwords, with examples including the Iranian government’s hijacking of systems at a water authority in Pennsylvania. To address these issues, experts recommend strong password management practices, encryption, and …

Rockwell’s ICS Directive Comes As Critical Infrastructure Risk Peaks

June 12, 2024 at 06:37PM With rising geopolitical tensions and cyber threats, Rockwell Automation advised customers to disconnect industrial control systems (ICS) from the internet to mitigate vulnerabilities. Cybersecurity experts warn of nation-state attacks targeting critical infrastructure, which faces challenges due to online exposure and software vulnerabilities. Securing ICS assets and implementing offline measures are …

Rockwell Advises Disconnecting Internet-Facing ICS Devices Amid Cyber Threats

May 22, 2024 at 08:42AM Rockwell Automation urges customers to disconnect industrial control systems not meant for public internet access due to heightened geopolitical tensions and cyber threats. The U.S. Cybersecurity and Infrastructure Security Agency supports this action, warning of malicious actors targeting operational technology assets. Research also highlights the susceptibility of PLCs to web-based …

Cyolo Partners With Dragos to Unveil Holistic Secure Remote Access Solution for Critical Infrastructure

May 8, 2024 at 05:41PM Cyolo announced a strategic partnership with Dragos to provide organizations with a robust solution to protect critical infrastructure against cyber threats. The collaboration offers an interoperable platform for OT customers, aiming to enhance asset vulnerability detection and remediation capabilities. This partnership establishes a comprehensive ICS/OT security framework based on the …