#IndustrialControlSystem

Zeek Security Tool Vulnerabilities Allow ICS Network Hacking

by

March 5, 2024 at 07:06AM A recent US CISA advisory disclosed critical and high-severity vulnerabilities in the Zeek network security monitoring tool’s Ethercat plugin, impacting ICS environments. The vulnerabilities, tracked as CVE-2023-7244, CVE-2023-7243, and CVE-2023-7242, could allow threat actors to execute attacks. The researcher, Cameron Whitehead, identified these vulnerabilities, impacting over 10,000 Zeek deployments globally. … Read more

CISA Warns of Unitronics PLC Exploitation Following Water Utility Hack

by

November 29, 2023 at 08:36AM Hackers breached the Municipal Water Authority of Aliquippa’s ICS in Pennsylvania but didn’t compromise water safety. CISA linked the attack to the Cyber Av3ngers, possibly Iran-based, targeting an insecure Israeli-made Unitronics PLC. CISA advised stronger security measures for such systems given rising cyber threats to the water sector. **Meeting Takeaways:** … Read more