#OTsecurity – Xynik

Researchers Warn of Flaws in Widely Used Industrial Gas Analysis Equipment

June 28, 2024 by Xynik

June 28, 2024 at 04:39AM Multiple security flaws in Emerson Rosemount gas chromatographs, impacting versions 4.1.5 and prior, have been disclosed. Claroty identified command injection, authentication, and authorization vulnerabilities, enabling attackers to execute arbitrary commands and access sensitive information. Emerson has released an updated firmware to address these issues and advises following cybersecurity best practices … Read more

Prevalence and Impact of Password Exposure Vulnerabilities in ICS/OT

June 14, 2024 by Xynik

June 14, 2024 at 03:00AM Password exposure vulnerabilities in industrial control systems and operational technology pose significant risks. Hackers have targeted ICS systems using weak and default passwords, with examples including the Iranian government’s hijacking of systems at a water authority in Pennsylvania. To address these issues, experts recommend strong password management practices, encryption, and … Read more

Xona Raises $18 Million for OT Remote Access Platform

June 11, 2024 by Xynik

June 11, 2024 at 06:18AM Xona, a zero trust user access platform for industrial operations, has raised $18 million in a strategic funding round led by Energy Impact Partners. This brings their total raised to $32 million, and the funds will be used to enhance product development, expand the team, and create strategic alliances. The … Read more

Microsoft Warns of Surge in Cyber Attacks Targeting Internet-Exposed OT Devices

May 31, 2024 by Xynik

May 31, 2024 at 10:30AM Microsoft stresses the critical need to secure internet-exposed operational technology (OT) devices as cyber attacks continue to target such environments. The company warns that OT systems lack adequate security, making them vulnerable to exploitation and attacks. To mitigate these risks, organizations are urged to implement security measures and reduce the … Read more

Research From Claroty’s Team82 Highlights Remote Access Risks Facing Mission-Critical OT Assets

May 24, 2024 by Xynik

May 24, 2024 at 02:16PM Claroty, a cyber-physical systems (CPS) protection company, has released proprietary data revealing security risks in mission-critical operational technology (OT) assets due to insecure internet connections and known vulnerabilities. To address this, they launched the Claroty xDome Secure Access, which balances secure control and frictionless access for enhanced productivity and reduced … Read more

Rockwell Advises Disconnecting Internet-Facing ICS Devices Amid Cyber Threats

May 22, 2024 by Xynik

May 22, 2024 at 08:42AM Rockwell Automation urges customers to disconnect industrial control systems not meant for public internet access due to heightened geopolitical tensions and cyber threats. The U.S. Cybersecurity and Infrastructure Security Agency supports this action, warning of malicious actors targeting operational technology assets. Research also highlights the susceptibility of PLCs to web-based … Read more

Rockwell Automation warns admins to take ICS devices offline

May 21, 2024 by Xynik

May 21, 2024 at 01:50PM Rockwell Automation urges customers to disconnect industrial control systems not designed for online exposure from the Internet due to increasing malicious activity. This reduces the attack surface and limits direct access to systems vulnerable to security threats. Additionally, CISA issued an alert regarding Rockwell’s new guidance to reduce ICS device … Read more

Researchers Uncover 11 Security Flaws in GE HealthCare Ultrasound Machines

May 16, 2024 by Xynik

May 16, 2024 at 06:42AM Security researchers disclosed almost a dozen vulnerabilities affecting GE HealthCare Vivid Ultrasound products, posing risk of ransomware implantation and patient data manipulation. Vulnerabilities require physical access to devices and range from hard-coded credentials to path traversal. Exploit chain can be used to execute arbitrary code. Other recent security flaws have … Read more

Cyolo Partners With Dragos to Unveil Holistic Secure Remote Access Solution for Critical Infrastructure

May 8, 2024 by Xynik

May 8, 2024 at 05:41PM Cyolo announced a strategic partnership with Dragos to provide organizations with a robust solution to protect critical infrastructure against cyber threats. The collaboration offers an interoperable platform for OT customers, aiming to enhance asset vulnerability detection and remediation capabilities. This partnership establishes a comprehensive ICS/OT security framework based on the … Read more

TXOne Networks Scores $51M Series B Extension

May 7, 2024 by Xynik

May 7, 2024 at 01:06PM TXOne Networks, a startup focused on protecting industrial control systems and operational technology, has secured $51 million in new funding from investors in Taiwan. Originally a joint venture between Trend Micro and Moxa, the company has raised a total of $145 million and offers security solutions for various industries globally. … Read more