Industrial Security

November 1, 2022

CISA released one Industrial Control Systems (ICS) advisory on November 1, 2022. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations: ICSA-22-221-01 Mitsubishi Electric Multiple Factory Automation Products (Update C) Read more… Source: U.S. Cybersecurity and Infrastructure ...

October 28, 2022

German copper producer Aurubis has announced that it suffered a cyberattack that forced it to shut down IT systems to prevent the attack’s spread. Aurubis is Europe’s largest copper producer and the second largest in the world, with 6,900 employees worldwide, and produces one million tonnes of copper cathodes yearly. In an announcement published on their website, ...

October 28, 2022

CISA has released four (4) Industrial Control Systems (ICS) advisories on October 27, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations: ICSA-22-300-01 Rockwell Automation FactoryTalk Alarm and Events Server ICSA-22-300-02 SAUTER Controls moduWeb ICSA-22-300-03 Rockwell ...

October 27, 2022

The White House is adding the chemical sector to a program launched last year to improve cybersecurity capabilities within America’s critical infrastructure industries. The addition makes chemical facilities and manufacturers the fourth sector under the Biden Administration’s Industrial Control Systems (ICS) Cybersecurity Initiative, which rolled out in July 2021 following the ransomware attack on Colonial Pipeline ...

October 27, 2022

Trend Micro conducted a study on the state of industrial cybersecurity in the oil and gas, manufacturing, and electricity/energy industries in 2022. Based on the results of a survey of over 900 ICS business and security leaders in the United States, Germany, and Japan, we will discuss the characteristics of each industry, the motivations and ...

October 20, 2022

CISA has released three (3) Industrial Control Systems (ICS) advisories on October 20, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-22-293-01 Bentley Systems MicroStation Connect ICSMA-21-294-01 B Braun Infusomat Space Large Volume Pump ...

October 18, 2022

CISA released two Industrial Control Systems (ICS) advisories on October 18, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-22-291-01 Advantech R-SeeNet ICSA-21-336-06 Hitachi Energy APM Edge (Update A) Read more… Source: U.S. Cybersecurity and Infrastructure ...

October 13, 2022

CISA has released twenty-five (25) Industrial Control Systems (ICS) advisories on October 13, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-22-286-01 Siemens LOGO! ICSA-22-286-02 Siemens Industrial Edge Management ICSA-22-286-03 Siemens Solid Edge ICSA-22-286-04 Siemens SIMATIC ...

October 13, 2022

The Budworm espionage group has mounted attacks over the past six months against a number of strategically significant targets, including the government of a Middle Eastern country, a multinational electronics manufacturer, and a U.S. state legislature. The latter attack is the first time in a number of years Symantec has seen Budworm targeting a U.S-based ...

October 8, 2022

Taiwanese chip maker ADATA denies claims of a RansomHouse cyberattack after the threat actors began posting stolen files on their data leak site. The RansomHouse gang added ADATA files to their data leak site on Tuesday, claiming they stole 1TB worth of documents in a 2022 cyberattack.The threat actors also leaked samples of allegedly stolen files, ...

October 7, 2022

CISA has released three Industrial Control Systems (ICS) advisories on October 11, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-22-284-01 Altair HyperView Player ICSA-22-284-02 Daikin SVMPC1 and SVMPC2 ICSA-22-284-03 Sensormatic Electronics C-CURE 9000 Read more… Source: ...

September 29, 2022

UMAS (Unified Messaging Application Services) is a proprietary Schneider Electric (SE) protocol used to configure and monitor Schneider Electric PLCs. Schneider Electric controllers that use UMAS include Modicon M580 CPU (part numbers BMEP* and BMEH*) and Modicon M340 CPU (part numbers BMXP34*). Controllers are configured and programmed using engineering software – EcoStruxure™ Control Expert (Unity ...

September 22, 2022

Operational technology/industrial control system (OT/ICS) assets that operate, control, and monitor day-to-day critical infrastructure and industrial processes continue to be an attractive target for malicious cyber actors. These cyber actors, including advanced persistent threat (APT) groups, target OT/ICS assets to achieve political gains, economic advantages, or destructive effects. Because OT/ICS systems physical operational processes, cyber ...

September 8, 2022

For the first time in five years of observations, the lowest percentage in the ‎first half of the year was observed in March.‎ During the period from January to March, the percentage of attacked ICS computers decreased by 1.7 p.p. Among regions, the highest percentage of ICS computers on which malicious objects were blocked was observed ...

September 6, 2022

CISA has released five Industrial Control Systems (ICS) advisories on September 06, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-22-249-01 Triangle Microworks Library ICSA-22-249-02 AVEVA Edge 2020 R2 SP12020 R2 ICSA-22-249-03 Cognex 3D-A1000 Dimensioning ...

August 31, 2022

CISA has released two Industrial Control Systems (ICS) advisories on September 01, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSMA-22-244-01 Contec CMS8000 ICSA-22-244-01 Delta Electronics DOPSoft Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency  

August 29, 2022

CISA has released 12 Industrial Control Systems (ICS) advisories on August 30, 2022. These advisories provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-22-242-01 Hitachi Energy FCP ICSA-22-242-02 Hitachi Energy GWS ICSA-22-242-03 Hitachi Energy MSM ICSA-22-242-04 Hitachi Energy RTU500 ...

August 22, 2022

CISA has released 7 Industrial Control Systems (ICS) advisories on August 23, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-22-235-01 ARC Informatique PcVue ICSA-22-235-02 Delta Industrial Automation DIALink ICSA-22-235-03 myScada Pro ICSA-22-235-05 Measuresoft ScadaPro Server ICSA-22-235-06 ...

August 19, 2022

The notorious ‘Grandoreiro’ banking trojan was spotted in recent attacks targeting employees of a chemicals manufacturer in Spain and workers of automotive and machinery makers in Mexico. The malware has been active in the wild since at least 2017 and remains one of the most significant threats of its kind for Spanish-speaking users. The recent campaign, spotted ...

August 18, 2022

CISA has released 5 Industrial Control Systems (ICS) advisories on August 18, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-22-172-01 Mitsubishi Electric MELSEC iQ-R, Q, and L Series CPU Module and MELIPC ...