White Hat Hackers Get the Chance to Break Industrial Control System Security in PWN2OWN 2020

From enterprise applications and web browsers to mobile and IoT devices, hacking competition Pwn2Own has added another focus: industrial control system (ICS) and its associated protocols. Trend Micro’s Zero Day Initiative (ZDI), the bug bounty program behind Pwn2Own, has long been Read More …

Uncovering IoT Threats in the Cybercrime Underground

Amid the growth of the internet of things (IoT), manufacturers and integrators are testing the limits of how the technology can be applied, as seen in how new forms of connected devices are hitting the market. Some applications play critical Read More …

Cyberattacks against industrial targets have doubled over the last 6 months

Cyberattacks designed to cause damage have doubled in the past six months and 50 percent of organizations affected are in the manufacturing sector, researchers say. On Monday, IBM’s X-Force IRIS incident response team published new research based on recent cyberattacks they have Read More …

Critical Rockwell Automation Bug in Drive Component Puts IIoT Plants at Risk

A critical Rockwell Automation flaw could be exploited to manipulate an industrial drive’s physical process and or even stop it. A critical denial-of-service (DoS) vulnerability has been found in a Rockwell Automation industrial drive, which is a logic-controlled mechanical component Read More …

Threat Landscape for Industrial Automation Systems in H2 2018

All statistical data used in this report was collected using the Kaspersky Security Network (KSN), a distributed antivirus network. The data was received from those KSN users who gave their consent to have data anonymously transferred from their computers. We do not Read More …

Siemens Warns of Critical Remote-Code Execution ICS Flaw

Siemens has released 16 security advisories for various industrial control and utility products, including a warning for a critical flaw in the WibuKey digital rights management (DRM) solution that affects the SICAM 230 process control system. SICAM 230 is used for a Read More …

New industrial espionage campaign leverages AutoCAD-based malware

Security researchers have spotted a somewhat unique malware distribution campaign that targets companies using AutoCAD-based malware. Discovered by cyber-security firm Forcepoint, which shared its findings with ZDNet yesterday, the campaign appears to have been active since 2014, based on telemetry data Read More …