The Hacker News
Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities
Czechia and Germany reveal they were targets of a massive cyber espionage campaign by Russia-linked APT28 hacker group.
Security Affairs
Pro-Russia hackers target critical infrastructure in North America and Europe
Government agencies from the US, Canada and the UK warn of Russian threat actors targeting critical infrastructure in North America and Europe
CyberNews
Authorities urging immediate action against pro-Russian hacktivist attacks
Independent and ideologically motivated pro-Russian hacktivists can physically threaten insecure and misconfigured operational technology devices.
SecurityWeek
Russian Hackers Target Industrial Systems in North America, Europe
Government agencies are sharing recommendations following attacks claimed by pro-Russian hacktivists on ICS/OT systems.
Infosecurity News
US and UK Warn of Disruptive Russian OT Attacks
The US and its allies claim Russian hacktivists are disruptive operations in water, energy, food and agriculture sectors
SC Magazine
Pro-Russia hackers target OT weaknesses in critical infrastructure
Government agencies warn industry to improve their operational technology security following breaches of North American and European systems.
Bleeping Computer
US govt warns of pro-Russian hacktivists targeting water facilities
The US government is warning that pro-Russian hacktivists are seeking out and hacking into unsecured operational technology (OT) systems used to disrupt critical infrastructure operations.
SecurityWeek
Recent OT and Espionage Attacks Linked to Russia's Sandworm, Now Named APT44
Mandiant summarizes some of the latest operations of Russia’s notorious Sandworm group, which it now tracks as APT44.
SecurityWeek
Organizations Informed of 10 Vulnerabilities in Rockwell Automation Products
In the past week Rockwell Automation addressed 10 vulnerabilities found in its FactoryTalk, PowerFlex and Arena Simulation products.
The Hacker News
Making Sense of Operational Technology Attacks: The Past, Present, and Future
Breaking down OT cyber-attacks: Not all are complex! A new report delves into the types, historical trends, and what the future may hold for operation
SecurityWeek
Remote Stuxnet-Style Attack Possible With Web-Based PLC Malware: Researchers
Researchers demonstrate that remote Stuxnet-style attacks are possible against many modern PLCs using web-based malware.
The Cyber Express
CISA Advisory: Critical Vulnerabilities Found in Rockwell, Mitsubishi, and Unitronics Devices
The Cybersecurity and Infrastructure Security Agency (CISA) has published three advisories addressing security issues, vulnerabilities, and potential exploits in Industrial
The Record
Two-day water outage in remote Irish region caused by pro-Iran hackers
The incident appears to be the latest perpetrated by the Cyber Av3ngers group targeting the Israel-made Unitronics tool.
SecurityWeek
Cyberattack on Irish Utility Cuts Off Water Supply for Two Days
Hackers launched a cyberattack on an Irish water utility, causing disruption and leaving people without water for two days.
SC Magazine
Cyber Av3ngers gang hacks industrial controllers across multiple US states
Default passwords enabled the Iranian-linked APT to compromise Israeli-made control systems at water and wastewater facilities, a public aquarium and a brewery.
Infosecurity News
NCSC Urges UK Water Companies to Secure Control Systems
Guidance follows US incident involving Unitronics programmable logic controllers
SecurityWeek
CISA Warns of Unitronics PLC Exploitation Following Water Utility Hack
After hackers compromised ICS at a US water utility, CISA issued a warning over the exploitation of the targeted Unitronics PLC.
CSO
FBI probes into Pennsylvanian water utility hack by pro-Iran group
Federal and state investigations are underway for the recent pro-Iran hack into a Pennsylvania-based water utility targeting Israel-made equipment.
SecurityWeek
Hackers Hijack Industrial Control System at US Water Utility
Municipal Water Authority of Aliquippa confirms that hackers took control of a booster station, but says no risk to water supply.
SecurityWeek
Critical Vulnerabilities Expose Weintek HMIs to Attacks
Weintek has patched critical and high-severity vulnerabilities found in its cMT series HMIs by industrial cybersecurity firm TXOne.
SecurityWeek
SANS Survey Shows Drop in 2023 ICS/OT Security Budgets
ICS/OT security budgets have decreased in 2023 compared to last year, according to a survey conducted by SANS.
SecurityWeek
ICS Computers in Western Countries See Increasing Attacks: Report
ICS computers in the Western world have been increasingly attacked, but the percentages are still small compared to other parts of the globe.
SecurityWeek
Rockwell ThinManager Vulnerabilities Could Expose Industrial HMIs to Attacks
Rockwell Automation ThinManager ThinServer vulnerabilities could allow remote attackers to take control of servers and hack HMIs.
SecurityWeek
Weintek Weincloud Vulnerabilities Allowed Manipulation, Damaging of ICS Devices
Several vulnerabilities found in Weintek Weincloud could have allowed hackers to manipulate and damage ICS, including PLCs and field devices.
Cyber Security News
ICS/OTICS Patch Tuesday: Siemens and Schneider Electric Releases Patch for 50 vulnerabilities
Siemens and Schneider Electric published nine new security warnings that together addressed 50 vulnerabilities impacting its industrial devices.
SecurityWeek
ICS Patch Tuesday: Siemens, Schneider Electric Fix 50 Vulnerabilities
ICS Patch Tuesday: Siemens and Schneider Electric release nine new security advisories and fix 50 vulnerabilities in their products.
Infosecurity News
OT Assets High Priority for Security Leaders as Industrial Threats Loom
A study by the SANS Institute and Trend Micro found major discrepancies between IT and OT asset visibility within organizations
CSO
Russian hacktivist group targets India’s health ministry
The Phoenix group claims to have access to all hospitals in India and information on hospital employees and chief physicians.
CSO
PLC vulnerabilities can enable deep lateral movement inside OT networks
Researchers demonstrate how attackers can target PLCs to bypass authentication and perform remote code execution on industrial networks.
SecurityWeek
InHand Industrial Router Vulnerabilities Expose Internal OT Networks to Attacks
A series of severe vulnerabilities affecting InHand industrial routers can allow hackers to bypass security and gain access to thousands of internal OT networks.
SecurityWeek
Siemens Not Ruling Out Future Attacks Exploiting Global Private Keys for PLC Hacking
Malicious actors could obtain global private keys that protect Siemens PLCs, and the industrial giant has warned that the likelihood of exploitation is increasing.
SecurityWeek
Spyware, Ransomware, Cryptojacking Malware Increasingly Detected on ICS Devices
Spyware, ransomware and cryptojacking malware have been increasingly detected on ICS devices, according to data from Kaspersky.
SecurityWeek
CISA: Vulnerability in Delta Electronics ICS Software Exploited in Attacks
CISA has added 10 new flaws to its Known Exploited Vulnerabilities Catalog, including one affecting a discontinued Delta Electronics HMI software.
SecurityWeek
Ransomware Group Claims Access to SCADA in Confusing UK Water Company Hack
The Cl0p ransomware group claims to have accessed SCADA systems at a UK water company, but their claims about being able to control chemicals could be overblown.
SecurityWeek
OT Security Firm Warns of Safety Risks Posed by Alerton Building System Vulnerabilities
Potentially serious vulnerabilities have been found in a building management system made by Alerton, a brand of industrial giant Honeywell.
Trend Micro
An In-Depth Look at ICS Vulnerabilities Part 2
In part two of our three-part series, we continue to analyze vulnerabilities using MITRE ATT&CK. We also look into the sectors affected and their risk levels.
SecurityWeek
Slight Increase in Attacks on ICS Computers in 2021: Report
Kaspersky saw a small increase in the percentage of ICS computers attacked in 2021, but there was a more significant rise for certain types of threats.
SecurityWeek
New Vulnerabilities Can Allow Hackers to Remotely Crash Siemens PLCs
Siemens has released patches for a series of new PLC vulnerabilities dubbed S7+:Crash that can be exploited to remotely crash controllers.