A study commissioned by Siemens revealed that US oil and gas industry is unprepared to mitigate cybersecurity risks in operational technology environments. A new study commissioned by the engineering firm Siemens revealed that oil and gas industry in the United States is largely unprepared to mitigate cybersecurity risks in operational technology (OT) environments. The survey was conducted […]
The security researchers at the Georgia Institute of Technology have simulated a ransomware-based attack on PLCs in a water treatment plant. The security researchers at the Georgia Institute of Technology have conducted an interesting research on the potential impact of ransomware on industrial control systems (ICS). The researchers David Formby, a Ph.D. student in the Georgia […]
The web-based SCADA system Honeywell XL Web II Controller is affected by multiple flaws that can be remotely exploited to expose passwords in clear text. A popular web-based SCADA system designed by Honeywell is affected by multiple vulnerabilities that can be remotely exploited to expose passwords in clear text. In order to access the password in clear […]
According to data provided by IBM Managed Security Services, the number of ICS attacks in 2016 continues to increase worldwide. Industrial control systems (ICS) continues to be a privileged target of hackers. According to IBM Managed Security Services, the number of cyber attacks increased by 110 percent in 2016 compared to 2015. According to the researchers […]
Siemens released security updates and temporary fixes to fix a privilege escalation flaw, tracked CVE-2016-7165, that affects several industrial products. Siemens has released security updates and temporary fixes to address a privilege escalation vulnerability, tracked CVE-2016-7165, that affects several industrial products. The flaw could be exploited by attackers to escalate their privileges if the flawed products […]
The effects of cyber-attacks against SCADA/ICS are well known, however, there is a great confusion when dealing with mitigation techniques. The Majority are aware of the impact cyber-attacks can have on Industrial Control Systems however, the reality in terms of mitigation techniques are shrouded with confusion and a reactive approach. Recent 0-day vulnerability dubbed as […]
The residents in two apartment buildings Finland faced more that a week of serious problem due to a DDoS attack that targeted the building control systems. What does a DDoS with everyday life? The recent attack against the Dyn DNS service powered by an IoT botnet demonstrated the weakness of modern society to cyber threats. Anyway, to better explain […]
At the Black Hat Europe 2016 two security researchers devised undetectable attacks that could be used to hack PLC systems avoid being detected. Security researchers at the Black Hat Europe 2016 have presented a new attack method that could be used to hack programmable logic controllers avoid being detected. programmable logic controllers are essential components for […]
CyberX experts at the SecurityWeekâs 2016 ICS Cyber Security Conference disclosed a critical flaw in the Schneider Industrial Firewalls. This week, at the SecurityWeekâs 2016 ICS Cyber Security Conference, researchers at industrial security firm CyberX disclosed several important vulnerabilities. The experts demonstrated how hackers can target ICS systems and passing security measures in places. Among the vulnerabilities disclosed by […]
Kaspersky Lab has launched a new global computer emergency response team (CERT), the Kaspersky Lab ICS-CERT, focusing on industrial control systems (ICS).. Kaspersky has anticipated launching an Industrial Control Systems CERT. Of course, I’m joking, anyway I always sustained that the creation of a similar structure represents an important achievement for the cyber security of any government. Kaspersky […]