ICS-SCADA

Pierluigi Paganini April 06, 2021
Experts found critical flaws in Rockwell FactoryTalk AssetCentre

Rockwell Automation has recently addressed nine critical vulnerabilities in its FactoryTalk AssetCentre product with the release of version v11. The American provider of industrial automation Rockwell Automation on Thursday informed customers that it has patched nine critical vulnerabilities in its FactoryTalk AssetCentre product. FactoryTalk AssetCentre provides customers with a centralized tool for securing, managing, versioning, […]

Pierluigi Paganini April 05, 2021
33.4% of ICS computers hit by a cyber attack in H2 2020

H2 2020 – Kaspersky observed an increase in ransomware attacks on industrial control system (ICS) systems in developed countries. Cybersecurity firm Kaspersky has published the Industrial Control System Threat Landscape report for H2 2020 which is based on statistical data collected by the distributed antivirus Kaspersky Security Network (KSN).  The data analyzed by the experts were received […]

Pierluigi Paganini March 22, 2021
Which is the Threat landscape for the ICS sector in 2020?

The Kaspersky ICS CERT published a report that provided details about the threat landscape for computers in the ICS engineering and integration sector in 2020. Kaspersky ICS CERT published a report that provided details about the threat landscape for ICS engineering and integration sector in 2020. The experts gathered data related to the cyberthreats that […]

Pierluigi Paganini February 27, 2021
Experts found a critical authentication bypass flaw in Rockwell Automation software

A critical authentication bypass vulnerability could be exploited by remote attackers to Rockwell Automation programmable logic controllers (PLCs). A critical authentication bypass vulnerability, tracked as CVE-2021-22681, can be exploited by remote attackers to compromise programmable logic controllers (PLCs) manufactured by Rockwell Automation. The vulnerability was independently reported to Rockwell by researchers at the Soonchunhyang University […]

Pierluigi Paganini February 07, 2021
The number of ICS flaws in 2020 was 24,72% higher compared to 2019

The number of vulnerabilities discovered in industrial control system (ICS) products surged in 2020, security firm Claroty reports. According to a report published by the industrial cybersecurity firm Claroty that focuses on the second half of 2020, the number of flaws discovered in industrial control system (ICS) products in 2020 (893 flaws) was 24,72% higher […]

Pierluigi Paganini January 28, 2021
CISA warns of high-severity flaws in Fuji Electric Tellus Lite V-Simulator and Server Lite

The U.S. CISA published a security advisory for High-Severity flaws in some SCADA/HMI products made by Japanese company Fuji Electric. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a security advisory to warn industrial organizations of some high severity flaws in SCADA/HMI products made by Japanese electrical equipment company Fuji Electric. The vulnerabilities affect […]

Pierluigi Paganini January 16, 2021
Siemens fixed tens of flaws in Siemens Digital Industries Software products

Siemens has addressed tens of vulnerabilities in Siemens Digital Industries Software products that can allow arbitrary code execution. Siemens has addressed 18 vulnerabilities affecting some products of Siemens Digital Industries Software which provides product lifecycle management (PLM) solutions. The vulnerabilities affect Siemens JT2Go, a 3D viewing tool for JT data (ISO-standardized 3D data format) and […]

Pierluigi Paganini December 12, 2020
NI CompactRIO controller flaw could allow disrupting production

A serious flaw in National Instruments CompactRIO controllers could allow remote attackers to disrupt production processes in an organization. A high-severity vulnerability affecting CompactRIO controllers manufactured by the vendor National Instruments (NI) could allow remote attackers to disrupt production processes in an organization. The National Instruments CompactRIO product, a rugged, real-time controller that provides high-performance […]

Pierluigi Paganini December 04, 2020
Iranian hackers access unsecured HMI at Israeli Water Facility

A group of Iranian hackers gained access to a un unprotected ICS at an Israeli Water Facility and posted a video as proof of the hack. Researchers from industrial cybersecurity firm OTORIO revealed that a group of Iranian hackers gained access to a un unprotected ICS at the Israeli Water Facility. The threat actors accessed […]

Pierluigi Paganini November 30, 2020
Exclusive: Experts from TIM’s Red Team Research (RTR) found 6 zero-days

TIM’s Red Team Research led by Massimiliano Brolli discovered 6 new zero-day vulnerabilities in Schneider Electric StruxureWare. Today, TIM’s Red Team Research led by Massimiliano Brolli, discovered 6 new vulnerabilities in the StruxureWare product. The flaws have been addressed by the manufacturer Schneider Electric, between April and November 2020. Schneider Electric is a vendor specialized […]