Industrial Security


  • Building strong cyber security into ship design

    October 11, 2023

    As digitalization makes great strides in the shipping world, connectivity and system integration expose ships to growing cyber risks. This means that cyber security must be engineered into the design of every new vessel. Suppliers must deliver secure systems, and yards must combine these systems into a secure, painstakingly documented overall concept that provides a strong ...

  • Grayling: Previously unseen threat actor targets multiple organizations in Taiwan

    October 10, 2023

    A previously unknown advanced persistent threat (APT) group used custom malware and multiple publicly available tools to target a number of organizations in the manufacturing, IT, and biomedical sectors in Taiwan. A government agency located in the Pacific Islands, as well as organizations in Vietnam and the U.S., also appear to have been hit as ...

  • Cyber attack hits electronics firm Volex

    October 9, 2023

    A cyber attack has hit electronic manufacturer Volex, opening the door to unauthorised access to some of its IT systems. The AIM-listed British company said it is not expecting any “material” financial impact from the incident but shares dropped over four per cent on Monday morning. After discovering the breach of certain IT systems and data ...

  • CISA Releases Three Industrial Control Systems Advisories

    October 5, 2023

    CISA released three Industrial Control Systems (ICS) advisories on October 5, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-278-01 Hitachi Energy AFS65x, AFF66x, AFS67x, and AFR67x Series Products ICSA-23-278-02 Qognify NiceVision Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related: CISA Adds Two Known Exploited Vulnerabilities to Catalog, Removes Five KEVs   

  • Clorox shares touch more than 5-year low on financial hit from cyber attack

    October 5, 2023

    Shares in Clorox were down 8.1% on Thursday, after hitting their lowest level since May 2018, after the cleaning supplies company’s warned that an August cyber attack would push it into a quarterly loss and slash up to 28% off its revenue. On Aug 14 Clorox said it took some systems offline after unauthorized activity disrupted ...

  • CISA Releases Three Industrial Control Systems Advisories

    September 28, 2023

    CISA released three Industrial Control Systems (ICS) advisories on September 28, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-271-01 Rockwell Automation PanelView 800 Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related: CISA Adds One Known Exploited Vulnerability to Catalog  

  • ICS protocol coverage using Snort 3 service inspectors

    September 26, 2023

    With more devices on operational technology (OT) networks now getting connected to wide-reaching IT networks, it is more important than ever to have effective detection capabilities for ICS protocols. However, there are a few issues that usually arise when creating detection for ICS protocol traffic. Oftentimes, the protocols connecting these devices on modern networks originate ...

  • CISA Releases Six Industrial Control Systems Advisories

    September 26, 2023

    CISA released six Industrial Control Systems (ICS) advisories on September 26, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-269-01 Suprema BioStar 2 ICSA-23-269-02 Hitachi Energy Asset Suite 9 ICSA-23-269-03 Mitsubishi Electric FA Engineering Software Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related: CISA Adds Three Known Exploited Vulnerabilities to Catalog  

  • APT and financial attacks on industrial organizations in H1 2023

    September 25, 2023

    This summary provides an overview of reports of APT and financial attacks on industrial enterprises that were disclosed in H1 2023, as well as related activities of groups that have been observed attacking industrial organizations and critical infrastructure facilities. For each topic, Kaspersky researchers have sought to summarize the key facts, findings, and conclusions of the ...

  • CISA Releases Six Industrial Control Systems Advisories

    September 21, 2023

    CISA released six Industrial Control Systems (ICS) advisories on September 21, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-264-01 Real Time Automation 460 Series ICSA-23-264-02 Siemens Spectrum Power 7 ICSA-23-264-03 Delta Electronics DIAScreen Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related: ISC Releases Security Advisories for BIND 9   

  • China’s Ministry of State Security reveals US’ infiltration of Huawei traced back to 2009

    September 20, 2023

    The US’ infiltration of Huawei headquarters’ servers can be traced back to 2009, China’s Ministry of State Security (MSS) said in an article released on Wednesday. The Chinese ministry disclosed despicable methods of cyber espionage adopted by US intelligence agencies, which include establishing cyberattack arsenals, coercing technology companies to cooperate, and distorting the truth to ...

  • CISA Releases Four Industrial Control Systems Advisories

    September 19, 2023

    CISA released four Industrial Control Systems (ICS) advisories on September 19, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-262-01 Siemens SIMATIC PCS neo Administration Console ICSA-23-262-03 Omron Engineering Software Zip-Slip Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related: CISA Adds One Known Exploited Vulnerability to Catalog  

  • Threat landscape for industrial automation systems. Statistics for H1 2023

    September 13, 2023

    In the first half of 2023, the percentage of ICS computers on which malicious objects were blocked decreased from H2 2022 by just 0.3 pp to 34%. That said, he percentage of attacked ICS computers dropped in Q1 2023, but then rose again in Q2 2023, reaching highest quarterly figure since 2022 – 26.8%. Read more… Source: Kaspersky  

  • CISA Releases Three Industrial Control Systems Advisories

    September 12, 2023

    CISA released three Industrial Control Systems (ICS) advisories on September 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-255-01 Hitachi Energy Lumada APM Edge ICSA-23-255-02 Fujitsu Software Infrastructure Manager Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency  

  • CISA Releases Four Industrial Control Systems Advisories

    September 7, 2023

    CISA released four Industrial Control Systems (ICS) advisories on September 7, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-250-01 Dover Fueling Solutions MAGLINK LX Console ICSA-23-250-02 Phoenix Contact TC ROUTER and TC CLOUD CLIENT Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency  

  • Your car wants to know about your sex life

    September 7, 2023

    Car manufacturers are collecting troves of data on drivers and passengers — some even tracking drivers’ sexual activity — according to a new report. In a review of 25 car brands and 15 car companies published by Mozilla Foundation on Wednesday, researchers found that Japanese car manufacturer Nissan said it could sell information about drivers ...

  • CISA Releases Two Industrial Control Systems Advisories

    September 5, 2023

    CISA released two Industrial Control Systems (ICS) advisories on September 5, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-248-01 Fujitsu Limited Real-time Video Transmission Gear IP series Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency  

  • Rockwell Automation Integer Overflow Vulnerability

    September 1, 2023

    Rockwell Automation’s ThinManager is designed for managing thin clients, mobile devices, cameras, and industrial devices. Comprising both client and server components, the client facilitates device configuration while the server handles data transfer and client requests. To maintain data consistency across the system, ThinManager servers synchronize using messages sent via port TCP/2031. These messages, based on a ...

  • CISA Releases Four Industrial Control Systems Advisories

    August 31, 2023

    CISA released four Industrial Control Systems (ICS) advisories on August 31, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-243-01 ARDEREG Sistemas SCADA ICSA-23-243-02 GE Digital CIMPLICITY Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency  

  • CISA Releases Six Industrial Control Systems Advisories

    August 24, 2023

    CISA released six Industrial Control Systems (ICS) advisories on August 24, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-236-01 KNX Protocol ICSA-23-236-02 Opto 22 SNAP PAC S1 Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related story: CISA Adds Two Known Exploited Vulnerabilities to Catalog