ICS Archives - Page 3 of 9 - Security Affairs

Pierluigi Paganini April 27, 2020

Hackers targeted ICS/SCADA systems at water facilities, Israeli government warns

The Israeli authorities are alerting organizations in the water industry following a series of cyberattacks that hit water facilities in the country. The Israeli government has issued an alert to organizations in the water sector following a series of cyberattacks that targeted the water facilities. Israel’s National Cyber Directorate announced to have received reports of […]

Pierluigi Paganini April 18, 2020

Coronavirus-themed campaign targets energy sector with PoetRAT

Threat actors employed the previously-undetected PoetRAT Trojan in a Coronavirus-themed campaign aimed at government and energy sectors. Cisco Talos researchers have uncovered a new Coronavirus-themed campaign employing a previously-undiscovered RAT tracked as PoetRAT. The attacks targeted the Azerbaijan government and utility companies, the malicious code was designed to infect supervisory control and data acquisition (SCADA) systems, […]

Pierluigi Paganini March 28, 2020

Critical buffer overflow in CODESYS allows remote code execution

Experts discovered an easily exploitable heap-based buffer overflow flaw, tracked as CVE-2020-10245, that exists in the CODESYS web server. A critical heap-based buffer overflow flaw in a web server for the CODESYS automation software for engineering control systems could be exploited by a remote, unauthenticated attacker to crash a server or execute arbitrary code. CODESYS […]

Pierluigi Paganini March 12, 2020

Talos found tens of dangerous flaws in WAGO Controllers

Cisco Talos experts discovered tens of flaws in WAGO products that expose controllers and human-machine interface (HMI) panels to remote attacks. Talos and Germany’s VDE CERT this week published advisories describing roughly 30 vulnerabilities identified in devices made by WAGO, a German company specializing in electrical connection and automation solutions. The vulnerabilities affect PFC100 and PFC200 programmable […]

Pierluigi Paganini February 21, 2020

Dragos Report: Analysis of ICS flaws disclosed in 2019

More than 400 flaws affecting industrial control systems (ICS) were disclosed in 2019, more than 100 were zero-day vulnerabilities. According to a report published by Dragos, the experts analyzed 438 ICS vulnerabilities that were reported in 212 security advisories, 26% of advisories is related to zero-day flaws. The experts determined 116 unique types of flaws, […]

Pierluigi Paganini January 28, 2020

A new piece of Snake Ransomware targets ICS processes

The recently discovered Snake Ransomware has been targeting processes and files associated with industrial control systems (ICS). Security experts from SentinelOne reported that the recently discovered Snake Ransomware has been targeting processes and files associated with industrial control systems (ICS). The Snake ransomware is written in the Golang programming language and has been used in […]

Pierluigi Paganini January 08, 2020

MITRE presents ATT&CK for ICS, a knowledge base for ICS

MITRE announced the initial release of a version of its MITRE ATT&CK knowledge base that focuses on industrial control systems (ICS). MITRE’s ATT&CK framework is becoming a standard in cybersecurity community for the classification of attacker behavior. Now the organization is going to propose a knowledge base that focused on ICS systems for its MITRE’s ATT&CK. […]

Pierluigi Paganini December 16, 2019

Schneider Electric fixes DoS flaws in Modicon, EcoStruxure products

Schneider Electric addressed several vulnerabilities in some Modicon controllers and several EcoStruxure products. Schneider Electric addresses three denial-of-service (DoS) vulnerabilities Schneider Electric Modicon M580, M340, Quantum and Premium controllers. The vendor has informed its customers that all three flaws are caused by improper check for unusual or exceptional conditions. The three vulnerabilities are: The first […]

Pierluigi Paganini December 13, 2019

Flaws in Siemens SPPA-T3000 control system expose power plants to hack

Experts discovered tens of flaws in the Siemens SPPA-T3000 control systems that could be exploited to attack fossil and renewable power plants. Siemens informed customers that the SPPA-T3000 Application Server is affected by 19 vulnerabilities and the SPAA-T3000 MS3000 Migration Server is impacted by 35 security issues. Some of the vulnerabilities have been rated as […]

Pierluigi Paganini August 11, 2019

Boffins hacked Siemens Simatic S7, most secure controllers in the industry

A group of Israeli researchers demonstrated that it is possible to take over the Simatic S7 controller one of the most secure controllers in the industry. A team of Israeli researchers demonstrated that it is possible to take control of the Simatic S7 controller without the knowledge of the operators. The team was composed of […]

ICS

Hackers targeted ICS/SCADA systems at water facilities, Israeli government warns

Coronavirus-themed campaign targets energy sector with PoetRAT

Critical buffer overflow in CODESYS allows remote code execution

Talos found tens of dangerous flaws in WAGO Controllers

Dragos Report: Analysis of ICS flaws disclosed in 2019

A new piece of Snake Ransomware targets ICS processes

MITRE presents ATT&CK for ICS, a knowledge base for ICS

Schneider Electric fixes DoS flaws in Modicon, EcoStruxure products

Flaws in Siemens SPPA-T3000 control system expose power plants to hack

Boffins hacked Siemens Simatic S7, most secure controllers in the industry

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Seychelles Commercial Bank Reported Cybersecurity Incident

Microsoft uncovers macOS flaw allowing bypass TCC protections and exposing sensitive data

U.S. CISA adds Cisco ISE and PaperCut NG/MF flaws to its Known Exploited Vulnerabilities catalog

Critical WordPress Post SMTP plugin flaw exposes 200K+ sites to full takeover

Scattered Spider targets VMware ESXi in using social engineering

QUICK LINKS

ICS

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!