Industrial Security


  • CISA Releases Five Industrial Control Systems Advisories

    June 1, 2023

    CISA released five Industrial Control Systems (ICS) advisories on June 1, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-152-01 Advantech WebAccess-SCADA ICSA-23-152-02 HID Global SAFE ICSA-22-256-03 Delta Electronics DIAEnergie (Update A) Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency  

  • COSMICENERGY: New OT Malware Possibly Related To Russian Emergency Response Exercises

    May 25, 2023

    Mandiant identified novel operational technology (OT) / industrial control system (ICS)-oriented malware, which we track as COSMICENERGY, uploaded to a public malware scanning utility in December 2021 by a submitter in Russia. The malware is designed to cause electric power disruption by interacting with IEC 60870-5-104 (IEC-104) devices, such as remote terminal units (RTUs), that are ...

  • CISA Releases Four Industrial Control Systems Advisories

    May 23, 2023

    CISA released four Industrial Control Systems (ICS) advisories on May 23, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-143-01 Hitachi Energy AFS65x, AFS67x, AFR67x and AFF66x Products ICSA-23-143-02 Hitachi Energy RTU500 Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related story: CISA Adds Three Known Exploited Vulnerabilities to Catalog   

  • CISA Releases Five Industrial Control Systems Advisories

    May 18, 2023

    CISA released five Industrial Control Systems (ICS) advisories on May 16, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-138-01 Carlo Gavazzi Powersoft ICSA-23-138-02 Mitsubishi Electric MELSEC WS ICSA-23-138-03 Hitachi Energy MicroSCADA Pro/X SYS600 Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related story: CISA Releases Three Industrial Control Systems Advisories   

  • CISA Releases Fifteen Industrial Control Systems Advisories

    May 11, 2023

    CISA released fifteen Industrial Control Systems (ICS) advisories on May 11, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-131-01 Siemens Solid Edge ICSA-23-131-02 Siemens SCALANCE W1750D ICSA-23-131-03 Siemens Siveillance Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency  

  • Cybersecurity firm Dragos discloses cybersecurity incident, extortion attempt

    May 10, 2023

    Industrial cybersecurity company Dragos today disclosed what it describes as a “cybersecurity event” after a known cybercrime gang attempted to breach its defenses and infiltrate the internal network to encrypt devices. While Dragos states that the threat actors did not breach its network or cybersecurity platform, they got access to the company’s SharePoint cloud service and ...

  • CISA Releases Two Industrial Control Systems Advisories

    May 9, 2023

    CISA released two Industrial Control Systems (ICS) advisories on May 9, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-129-02 Hitachi Energy MSM Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related story: CISA Adds One Known Exploited Vulnerability to Catalog  

  • Leaked Private & BootGuard Keys in MSI Cyber Attack Pose Threat to PC Security

    May 8, 2023

    Following a recent cyber attack on MSI’s systems, hackers managed to obtain private keys and Intel BootGuard Keys, according to a warning from respected security firm Binarly. These keys are essential for maintaining the security of a company’s devices and firmware, and the leak could result in severe security compromises. Binarly’s CEO, Alex Matrosov, disclosed on ...

  • CISA Releases One Industrial Control Systems Medical Advisory

    April 27, 2023

    CISA released one Industrial Control Systems Medical (ICS) medical advisory on April 27, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS medical advisory for technical details and mitigations Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related story: CISA Releases ...

  • Ransomware Attack Hits Marinette Marine Shipyard, Results in Short-Term Delay of Frigate, Freedom LCS Construction

    April 20, 2023

    The Wisconsin shipyard that builds the U.S. Navy’s Freedom-class Littoral Combat Ship and the Constellation-class guided-missile frigate suffered a ransomware attack last week that delayed production across the shipyard, USNI News has learned. Fincantieri Marinette Marine experienced the attack in the early morning hours of April 12, when large chunks of data on the shipyard’s network ...

  • CISA Releases Four Industrial Control Systems Advisories

    April 18, 2023

    CISA released four Industrial Control Systems (ICS) advisories on April 18, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-23-108-01 Omron CSCJ Series ICSA-23-108-02 Schneider Electric Easy UPS Online Monitoring Software Read more… Source: U.S. Cybersecurity ...

  • Rheinmetall suffers cyber attack, military business unaffected, spokesperson says

    April 14, 2023

    Rheinmetall (RHMG.DE), suffered a cyber attack to the division of its business dealing with industrial customers, mostly in the automotive sector, the company said on Friday, adding its military division was unaffected. “Rheinmetall is currently investigating the extent of the damages and is in close contact with the relevant authorities,” a spokesperson said. Read more… Source: Reuters  

  • CISA Releases Sixteen Industrial Control Systems Advisories

    April 13, 2023

    CISA released sixteen Industrial Control Systems (ICS) advisories on April 13, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSMA-23-103-01 B. Braun Battery Pack SP with Wi-Fi ICSA-23-103-01 Siemens Adaptec maxView Application ICSA-23-103-02 Siemens JT Open and JT Utilities ICSA-23-103-03 Siemens in OPC Foundation Local Discovery Server Read more… Source: U.S. Cybersecurity and Infrastructure ...

  • Money Message ransomware gang claims MSI breach, demands $4 million

    April 7, 2023

    Taiwanese PC parts maker MSI (Micro-Star International) has been listed on the extortion portal of a new ransomware gang known as “Money Message,” which claims to have stolen source code from the company’s network. MSI is a global hardware giant that makes motherboards, graphics cards, desktops, laptops, servers, industrial systems, PC peripherals, and infotainment products, with ...

  • Western Digital suffers cyber attack, shuts down systems

    April 3, 2023

    The company said on 3 April that it identified a network security incident on 26 March. It confirmed that an unauthorised third party gained access to a number of the company’s systems. After realising it had been breached, Western Digital enacted its incident response protocols and hired external security and forensic experts. Read more… Source: IT Pro  

  • CISA Releases Six Industrial Control Systems Advisories

    March 23, 2023

    CISA released six Industrial Control Systems (ICS) advisories on March 23, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-082-01 RoboDK ICSA-23-082-02 CP-Plus KVMS Pro ICSA-23-082-03 SAUTER EY-modulo 5 Building Automation Stations Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related story: CISA Releases Eight Industrial Control Systems Advisories  

  • Critical infrastructure gear is full of flaws, but hey, at least it’s certified

    March 23, 2023

    Devices used in critical infrastructure are riddled with vulnerabilities that can cause denial of service, allow configuration manipulation, and achieve remote code execution, according to security researchers. And most of these operational technology (OT) products – which include industrial control systems and related devices – claim security certifications, some of which they did not actually have. Read ...

  • Ferrari reports cyber incident with ransom demand; no impact to operations

    March 20, 2023

    Italian luxury sports car maker Ferrari SpA said on Monday that a hacker recently demanded ransom from the company related to certain client contact details, adding that the breach had no impact on the company’s operations. Ferrari said it notified its customers of the potential data exposure and the nature of the incident. Read more… Source: Yahoo! News  

  • CISA Releases Eight Industrial Control Systems Advisories

    March 16, 2023

    CISA released eight Industrial Control Systems (ICS) advisories on March 16, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-23-075-01 Siemens SCALANCE, RUGGEDCOM Third-Party ICSA-23-075-02 Siemens RUGGEDCOM CROSSBOW V5.3 Read more… Source: U.S. Cybersecurity and Infrastructure ...

  • Threat landscape for industrial automation systems for H2 2022

    March 6, 2023

    In H2 2022, the percentage of ICS computers on which malicious objects were blocked increased by 3.5 percentage points compared to the previous six-month period, reaching 34.3%. This was higher than the percentages for 2021 and even 2020. Read more… Source: Kaspersky