The Hacker News
Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities
Czechia and Germany reveal they were targets of a massive cyber espionage campaign by Russia-linked APT28 hacker group.
The Hacker News
Czechia and Germany reveal they were targets of a massive cyber espionage campaign by Russia-linked APT28 hacker group.
Security Affairs
Government agencies from the US, Canada and the UK warn of Russian threat actors targeting critical infrastructure in North America and Europe
CyberNews
Independent and ideologically motivated pro-Russian hacktivists can physically threaten insecure and misconfigured operational technology devices.
SecurityWeek
Government agencies are sharing recommendations following attacks claimed by pro-Russian hacktivists on ICS/OT systems.
Infosecurity News
The US and its allies claim Russian hacktivists are disruptive operations in water, energy, food and agriculture sectors
SC Magazine
Government agencies warn industry to improve their operational technology security following breaches of North American and European systems.
Bleeping Computer
The US government is warning that pro-Russian hacktivists are seeking out and hacking into unsecured operational technology (OT) systems used to disrupt critical infrastructure operations.
SecurityWeek
Mandiant summarizes some of the latest operations of Russia’s notorious Sandworm group, which it now tracks as APT44.
SecurityWeek
In the past week Rockwell Automation addressed 10 vulnerabilities found in its FactoryTalk, PowerFlex and Arena Simulation products.
The Hacker News
Breaking down OT cyber-attacks: Not all are complex! A new report delves into the types, historical trends, and what the future may hold for operation
SecurityWeek
Researchers demonstrate that remote Stuxnet-style attacks are possible against many modern PLCs using web-based malware.
The Cyber Express
The Cybersecurity and Infrastructure Security Agency (CISA) has published three advisories addressing security issues, vulnerabilities, and potential exploits in Industrial
The Record
The incident appears to be the latest perpetrated by the Cyber Av3ngers group targeting the Israel-made Unitronics tool.
SecurityWeek
Hackers launched a cyberattack on an Irish water utility, causing disruption and leaving people without water for two days.
SC Magazine
Default passwords enabled the Iranian-linked APT to compromise Israeli-made control systems at water and wastewater facilities, a public aquarium and a brewery.
Infosecurity News
Guidance follows US incident involving Unitronics programmable logic controllers
SecurityWeek
After hackers compromised ICS at a US water utility, CISA issued a warning over the exploitation of the targeted Unitronics PLC.
CSO
Federal and state investigations are underway for the recent pro-Iran hack into a Pennsylvania-based water utility targeting Israel-made equipment.
SecurityWeek
Municipal Water Authority of Aliquippa confirms that hackers took control of a booster station, but says no risk to water supply.
SecurityWeek
Weintek has patched critical and high-severity vulnerabilities found in its cMT series HMIs by industrial cybersecurity firm TXOne.
SecurityWeek
ICS/OT security budgets have decreased in 2023 compared to last year, according to a survey conducted by SANS.
SecurityWeek
ICS computers in the Western world have been increasingly attacked, but the percentages are still small compared to other parts of the globe.
SecurityWeek
Rockwell Automation ThinManager ThinServer vulnerabilities could allow remote attackers to take control of servers and hack HMIs.
SecurityWeek
Several vulnerabilities found in Weintek Weincloud could have allowed hackers to manipulate and damage ICS, including PLCs and field devices.
Cyber Security News
Siemens and Schneider Electric published nine new security warnings that together addressed 50 vulnerabilities impacting its industrial devices.
SecurityWeek
ICS Patch Tuesday: Siemens and Schneider Electric release nine new security advisories and fix 50 vulnerabilities in their products.
Infosecurity News
A study by the SANS Institute and Trend Micro found major discrepancies between IT and OT asset visibility within organizations
CSO
The Phoenix group claims to have access to all hospitals in India and information on hospital employees and chief physicians.
CSO
Researchers demonstrate how attackers can target PLCs to bypass authentication and perform remote code execution on industrial networks.
SecurityWeek
A series of severe vulnerabilities affecting InHand industrial routers can allow hackers to bypass security and gain access to thousands of internal OT networks.
SecurityWeek
Malicious actors could obtain global private keys that protect Siemens PLCs, and the industrial giant has warned that the likelihood of exploitation is increasing.
SecurityWeek
Spyware, ransomware and cryptojacking malware have been increasingly detected on ICS devices, according to data from Kaspersky.
SecurityWeek
CISA has added 10 new flaws to its Known Exploited Vulnerabilities Catalog, including one affecting a discontinued Delta Electronics HMI software.
SecurityWeek
The Cl0p ransomware group claims to have accessed SCADA systems at a UK water company, but their claims about being able to control chemicals could be overblown.
SecurityWeek
Potentially serious vulnerabilities have been found in a building management system made by Alerton, a brand of industrial giant Honeywell.
Trend Micro
In part two of our three-part series, we continue to analyze vulnerabilities using MITRE ATT&CK. We also look into the sectors affected and their risk levels.
SecurityWeek
Kaspersky saw a small increase in the percentage of ICS computers attacked in 2021, but there was a more significant rise for certain types of threats.
SecurityWeek
Siemens has released patches for a series of new PLC vulnerabilities dubbed S7+:Crash that can be exploited to remotely crash controllers.