#SCADA – Xynik

Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries

October 9, 2024 by Xynik

October 9, 2024 at 11:43AM Multiple security vulnerabilities in the Manufacturing Message Specification (MMS) protocol pose risks for industrial environments, potentially enabling device crashes and remote code execution. Key libraries affected were patched in 2022, but gaps in security for modern technology versus outdated protocols persist. Additional vulnerabilities in other systems were also reported. ### … Read more

Israeli Group Claims Lebanon Water Hack as CISA Reiterates Warning on Simple ICS Attacks

September 26, 2024 by Xynik

September 26, 2024 at 07:55AM The US cybersecurity agency CISA warns of unsophisticated hacks on industrial control systems (ICS) and operational technology. Red Evil hacktivist group claimed to have compromised water systems used by Hezbollah, making exaggerated claims of control. However, an expert believes this is more likely an influence/misinformation operation. CISA also issued a … Read more

Russian Hacktivists Sanctioned for US Critical Infrastructure Attacks

July 22, 2024 by Xynik

July 22, 2024 at 01:15PM Two members of the Russian hacktivist group Cyber Army Russia Reborn (CARR) were sanctioned by the US Department of Treasury for cyberattacks on US critical infrastructure. Yuliya Pankratova, the leader, and Denis Degtyarenko, the primary hacker, were involved in disrupting operations at water facilities and compromising industrial control systems, but … Read more

US Sanctions Russian Hacktivists for Targeting Critical Infrastructure

July 22, 2024 by Xynik

July 22, 2024 at 10:36AM The US Department of Treasury imposed sanctions on Yuliya Vladimirovna Pankratova and Denis Olegovich Degtyarenko, leaders of the Russian hacktivist group CARR, for cyberattacks targeting critical infrastructure in the US and Europe. CARR’s activities, including compromising industrial control systems, have led to significant security concerns, resulting in sanctions and asset … Read more

Bosch Nutrunner Vulnerabilities Could Aid Hacker Attacks Against Automotive Production Lines

January 9, 2024 by Xynik

January 9, 2024 at 09:06AM Researchers from Nozomi Networks have uncovered significant vulnerabilities in Bosch Rexroth nutrunners used in the automotive industry, potentially allowing hackers to gain control of these devices remotely. The vulnerabilities, including over two dozen security holes, pose serious threats to operational and reputational integrity. Bosch Rexroth plans to address the flaws … Read more

NSA Publishes ICS/OT Intrusion Detection Signatures and Analytics

October 17, 2023 by Xynik

October 17, 2023 at 07:12AM The National Security Agency has released a repository called Elitewolf on GitHub, which contains intrusion detection signatures and analytics for hunting malicious activity in industrial control systems and operational technology environments. The release is in response to increased cyber activity targeting critical infrastructure and aims to help organizations implement continuous … Read more