Over 40,000 Internet-Exposed ICS Devices Found in US: Censys

August 7, 2024 at 03:06PM An analysis by Censys revealed over 40,000 internet-exposed industrial control systems (ICS) in the US, with challenges in notifying owners. The majority are linked to building control and automation, and low-level automation protocols are mainly in wireless and consumer networks. Risks include unauthenticated manipulation and targeting by threat actors. Notifying … Read more

FrostyGoop malware attack cut off heat in Ukraine during winter

July 23, 2024 at 01:36PM The FrostyGoop malware, linked to Russian threat groups, was used in a cyberattack in January 2024 to disrupt the heating in over 600 apartment buildings in Lviv, Ukraine. The attackers breached the network a year earlier and exploited vulnerabilities in industrial control systems. Organizations are advised to implement specific cybersecurity … Read more

New ICS Malware ‘FrostyGoop’ Targeting Critical Infrastructure

July 23, 2024 at 07:42AM Researchers have identified a new ICS-focused malware, FrostyGoop, which targets industrial control systems using Modbus TCP to disrupt operational technology networks. It was used in a cyber attack on an energy company in Lviv, Ukraine, causing a 48-hour loss of heating services to over 600 apartment buildings. The incident highlights … Read more

Novel ICS Malware Sabotaged Water-Heating Services in Ukraine

July 23, 2024 at 05:05AM A new malware called FrostyGoop has been linked to an attack in January 2024 that disrupted heating services in 600 apartments in Lviv, Ukraine. This malware allows attackers to interact with industrial control systems using the Modbus protocol. The attack involved sending unauthorized commands to heating system controllers, resulting in … Read more

Rockwell’s ICS Directive Comes As Critical Infrastructure Risk Peaks

June 12, 2024 at 06:37PM With rising geopolitical tensions and cyber threats, Rockwell Automation advised customers to disconnect industrial control systems (ICS) from the internet to mitigate vulnerabilities. Cybersecurity experts warn of nation-state attacks targeting critical infrastructure, which face challenges due to online exposure and software vulnerabilities. Securing ICS assets and implementing offline measures are … Read more

Rockwell Automation Urges Customers to Disconnect ICS From Internet

May 22, 2024 at 09:57AM Rockwell Automation urges customers to secure industrial control systems from internet exposure. Shodan search reveals 7,000+ connected items. The company cautions against public internet connectivity for non-designed devices. They address recent vulnerabilities and the potential for cyber attacks due to global tensions. CISA has also raised awareness of Rockwell’s notice. … Read more

Rockwell Advises Disconnecting Internet-Facing ICS Devices Amid Cyber Threats

May 22, 2024 at 08:42AM Rockwell Automation urges customers to disconnect industrial control systems not meant for public internet access due to heightened geopolitical tensions and cyber threats. The U.S. Cybersecurity and Infrastructure Security Agency supports this action, warning of malicious actors targeting operational technology assets. Research also highlights the susceptibility of PLCs to web-based … Read more

Rockwell Automation warns admins to take ICS devices offline

May 21, 2024 at 01:50PM Rockwell Automation urges customers to disconnect industrial control systems not designed for online exposure from the Internet due to increasing malicious activity. This reduces the attack surface and limits direct access to systems vulnerable to security threats. Additionally, CISA issued an alert regarding Rockwell’s new guidance to reduce ICS device … Read more

Cyolo Partners With Dragos to Unveil Holistic Secure Remote Access Solution for Critical Infrastructure

May 8, 2024 at 05:41PM Cyolo announced a strategic partnership with Dragos to provide organizations with a robust solution to protect critical infrastructure against cyber threats. The collaboration offers an interoperable platform for OT customers, aiming to enhance asset vulnerability detection and remediation capabilities. This partnership establishes a comprehensive ICS/OT security framework based on the … Read more

TXOne Networks Scores $51M Series B Extension

May 7, 2024 at 01:06PM TXOne Networks, a startup focused on protecting industrial control systems and operational technology, has secured $51 million in new funding from investors in Taiwan. Originally a joint venture between Trend Micro and Moxa, the company has raised a total of $145 million and offers security solutions for various industries globally. … Read more