ICS-SCADA

Pierluigi Paganini October 24, 2020
US Treasury imposes sanctions on a Russian research institute behind Triton malware

The US Treasury Department announced sanctions against Russia’s Central Scientific Research Institute of Chemistry and Mechanics, the institute behind the Triton malware. The US Treasury Department announced sanctions against a Russian research institute for its alleged role in the development of the Triton malware. “Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) designated, pursuant to […]

Pierluigi Paganini October 14, 2020
Talos experts disclosed unpatched DoS flaws in Allen-Bradley adapter

Cisco Talos found several remotely exploitable denial-of-service (DoS) vulnerabilities in a Rockwell Automation industrial automation product. A researcher from Cisco Talos released technical details of several remotely exploitable denial-of-service (DoS) vulnerabilities in an industrial automation product made by Rockwell Automation. The product affected by the flaw is the Allen-Bradley 1794-AENT Flex I/O series B adapter, […]

Pierluigi Paganini September 21, 2020
FERC, NERC joint report on cyber incident response at electric utilities

The US FERC and NERC published a study on cyber incident response at electric utilities that also includes recovery best practices. The U.S. Federal Energy Regulatory Commission (FERC) and the North American Electric Reliability Corporation (NERC) released a study on cyber incident response and recovery best practices for electric utilities. The report is based on information […]

Pierluigi Paganini August 17, 2020
The Australian government wants to respond to attacks on critical infrastructure

The Australian government aims to give itself the power to manage the response of private enterprises to cyber attacks on critical infrastructure. The Australian government wants to increase the security of critical infrastructure; for this reason, it plans to manage the response of private enterprises to cyber attacks targeting them. According to a Consultation Paper […]

Pierluigi Paganini July 27, 2020
NSA/CISA joint report warns on attacks on critical industrial systems

NSA is warning of cyber attacks launched by foreign threat actors against organizations in the critical infrastructure sector across the U.S. The U.S. National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) issued an alert warning of cyber attacks targeting critical infrastructure across the U.S. “Over recent months, cyber-actors have demonstrated their […]

Pierluigi Paganini July 20, 2020
Two more cyber attacks hit Israel’s water facilities in June

In April a cyber attack hit an Israeli water facility; last week, officials revealed two more cyber attacks against other water management facilities. In April an attack hit an Israeli water facility, attempting to modify water chlorine levels; last week officials from the Water Authority revealed two more cyber attacks on other facilities in the […]

Pierluigi Paganini April 27, 2020
Hackers targeted ICS/SCADA systems at water facilities, Israeli government warns

The Israeli authorities are alerting organizations in the water industry following a series of cyberattacks that hit water facilities in the country. The Israeli government has issued an alert to organizations in the water sector following a series of cyberattacks that targeted the water facilities. Israel’s National Cyber Directorate announced that it had received reports of […]

Pierluigi Paganini April 18, 2020
Coronavirus-themed campaign targets energy sector with PoetRAT

Threat actors employed the previously undetected PoetRAT Trojan in a Coronavirus-themed campaign aimed at government and energy sectors. Cisco Talos researchers have uncovered a new Coronavirus-themed campaign employing a previously undiscovered RAT tracked as PoetRAT. The attacks targeted the Azerbaijan government and utility companies; the malicious code was designed to infect supervisory control and data acquisition (SCADA) systems, […]

Pierluigi Paganini March 28, 2020
Critical buffer overflow in CODESYS allows remote code execution

Experts discovered an easily exploitable heap-based buffer overflow flaw, tracked as CVE-2020-10245, that exists in the CODESYS web server. A critical heap-based buffer overflow flaw in a web server for the CODESYS automation software for engineering control systems could be exploited by a remote, unauthenticated attacker to crash a server or execute arbitrary code. CODESYS […]

Pierluigi Paganini March 12, 2020
Talos found tens of dangerous flaws in WAGO Controllers

Cisco Talos experts discovered tens of flaws in WAGO products that expose controllers and human-machine interface (HMI) panels to remote attacks. Talos and Germany’s VDE CERT this week published advisories describing roughly 30 vulnerabilities identified in devices made by WAGO, a German company specializing in electrical connection and automation solutions. The vulnerabilities affect PFC100 and PFC200 programmable […]