CISA warns water facilities to secure HMI systems exposed online

December 13, 2024 at 02:36PM CISA and the EPA have issued a warning to water facilities to protect Internet-exposed Human Machine Interfaces (HMIs) from potential cyberattacks, emphasizing the importance of security measures to safeguard these critical systems. **Meeting Takeaways:** 1. **Warning Issued**: CISA and the EPA have issued a warning regarding the security of water … Read more

Cisco Says Flaws in Industrial Routers, BGP Tool Remain Unpatched 8 Months After Disclosure

December 10, 2024 at 07:21AM Cisco’s Talos unit has revealed several unpatched vulnerabilities in MC Technologies’ industrial router and GoCast’s BGP tool, despite responsible disclosure to vendors months ago. Notably, the MC LR router has four high-severity command injection flaws, while GoCast has three critical vulnerabilities, both potentially exploitable through crafted HTTP requests. ### Meeting … Read more

Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries

October 9, 2024 at 11:43AM Multiple security vulnerabilities in the Manufacturing Message Specification (MMS) protocol pose risks for industrial environments, potentially enabling device crashes and remote code execution. Key libraries affected were patched in 2022, but gaps in security for modern technology versus outdated protocols persist. Additional vulnerabilities in other systems were also reported. ### … Read more

Unpatched Vulnerabilities Expose Riello UPSs to Hacking: Security Firm

September 24, 2024 at 09:36AM Riello UPS devices are vulnerable to hackers due to unpatched vulnerabilities according to Austria-based firm CyberDanube. The vulnerabilities in the NetMan 204 network communications card enable attackers to take control of the UPS systems, posing a risk to devices directly exposed to the internet. Riello is yet to address these … Read more

Air-Gapped Networks Vulnerable to Acoustic Attack via LCD Screens

September 10, 2024 at 04:52PM A new method called “Pixhell” can breach air gaps by using sound waves to transmit data via LCD screens. This covert channel attack works by manipulating screen pixels to create sound waves that encode stolen data. High-level security organizations are at risk, though some have built elaborate air gaps to … Read more

Study Finds Excessive Use of Remote Access Tools in OT Environments

September 10, 2024 at 10:27AM Cyber-physical systems security firm Claroty warns that excessive use of remote access tools in operational technology (OT) environments can heighten cybersecurity risks. Their analysis reveals that 55% of organizations use four or more remote access tools, with some relying on 15-16, many lacking essential security features. This poses serious security … Read more

Industrial Remote Access Tool Ewon Cosy+ Vulnerable to Root Access Attacks

August 12, 2024 at 03:45AM Vulnerabilities in Ewon Cosy+ industrial remote access solution could allow attackers to gain root privileges, decrypt encrypted data, and hijack VPN sessions, posing significant security risks. The findings were presented at DEF CON 32. Attackers could exploit OpenVPN vulnerabilities to gain administrative and ultimately root access, compromise VPN sessions, and … Read more

Rockwell PLC Security Bypass Threatens Manufacturing Processes

August 6, 2024 at 09:05AM A security vulnerability (CVE-2024-6242, CVSS 8.4) in Rockwell Automation ControlLogix 1756 devices allows remote attackers to send elevated commands, compromising operational technology. The bug bypasses Rockwell’s trusted slot mechanism, enabling unauthorized access to critical infrastructure. To mitigate, apply Rockwell’s patches immediately to affected devices widely used in industrial manufacturing environments. … Read more

Security Bypass Vulnerability Found in Rockwell Automation Logix Controllers 

August 2, 2024 at 08:12AM Rockwell Automation’s Logix programmable logic controllers (PLCs) were found to have a high-severity security bypass vulnerability by Claroty. The flaw, tracked as CVE-2024-6242, impacts ControlLogix 1756 devices and other controllers. Both Rockwell and CISA issued advisories and released patches. Exploitation requires network access to the targeted device, presenting serious implications. … Read more

Siemens Patches Power Grid Product Flaw Allowing Backdoor Deployment

July 24, 2024 at 10:42AM Siemens issued an out-of-band security advisory announcing patches for critical vulnerabilities in Sicam A8000, Enhanced Grid Sensor, and Sicam 8 software, impacting energy supply sector. One vulnerability allows unauthorized admin access, the other can enable firmware downgrading and code execution. Siemens has released firmware updates and mitigation measures, while SEC … Read more