Moxa industrial switch with critical 9.2 vulnerability

Moxa, a provider of industrial switches, reports a critical vulnerability with a CVSS base score of 9.2 out of 10 in its security advisory. Hackers could break in using brute force attacks. The currently available security patch should be installed immediately. In mid-January 2025, Moxa published a security notice with the ID MPSA-241407, which concerns a critical security vulnerability in the EDS-508A series. This vulnerability, tracked as CVE-2024-12297, allows attackers to bypass authentication and gain unauthorized access to the system. All firmware versions up to and including 3.11 are affected. The vulnerability CVE-2024-12297 is classified as critical with a CVSS base score of 9.2...

OT systems are often gateways for cyber attacks

As a survey shows, OT systems have already been a gateway for cyber attacks in almost half of the companies surveyed, even though the companies put a lot of effort into OT security. Most also rely on the support of external experts, because many in the KRITIS sector are already expecting cyber attacks. Machines and systems are increasingly networked, and the development process is highly dynamic. Industry 4.0 and "intelligent factories" are changing the production landscape at high speed. At the same time, the risks of cyber attacks on operational technology (OT) are increasing, and with them the complex requirements for OT security. OT...

Dangerous gaps: Study on ICS and OT cybersecurity

The SANS Institute has released the results of its 2024 State of ICS/OT Cybersecurity study. It shows significant progress in securing industrial control systems (ICS) and operational technologies (OT). However, the report also warns that many companies are still leaving critical systems unprotected. Companies that use both ICS/OT cybersecurity standards and threat intelligence to guide their program are ahead of their competitors in terms of maturity and capabilities. Such companies detect cyber events faster, are more likely to have mapped out all external connections to the industrial environment, and typically have ICS/OT-specific…

CISA: Security notices for 21 industrial control systems

CISA has published 21 security notices on the subject of Industrial Control Systems (ICS). The top US IT security authority lists all ICS components, the vulnerabilities identified and their CVSS values. There are also critical gaps. The current notices from CISA (Cybersecurity and Infrastructure Security Agency), the top US IT security authority, are quite something. The list contains 21 warnings about vulnerable industrial control systems. They are all IIoT systems from the manufacturers Siemens, Schneider Electric, Rockwell Automation and Delta Electronics. Each product is presented on a separate page. Here...

Industrial companies: Targeted by cyber criminals

Industrial companies worldwide continue to be a popular target for cyber criminals, as the latest analysis by Kaspersky ICS CERT shows. In the first quarter of this year, malicious objects were blocked on 24.4 percent of ICS computers worldwide. Although the current figures represent a minimal decrease compared to the previous quarter (24.7 percent), the range of threats remains wide. The malicious objects blocked included malicious scripts and phishing websites (5.8 percent), spyware, backdoors and keyloggers (3.9 percent) and malicious documents (1.7 percent). In total, Kaspersky solutions blocked...

ICS: New threat to industrial control systems

FrostyGoop, a new malware variant that specializes in industrial control systems (ICS), poses new threats to critical infrastructure worldwide. The malware was used for an attack in Lviv, Ukraine, in January 2024. FrostyGoop was identified in April 2024 by OT cybersecurity experts Dragos and is the first ICS-specific malware that uses Modbus TCP communication to directly attack and manipulate operational technologies (OT). The complete Dragos report on FrostyGoop is available for download.

Unique threat from FrostyGoop

FrostyGoop is the ninth ICS-specific malware discovered to date. Its ability to…

Danger for industry: One in six industrial PCs attacked

Industrial companies in Germany are still in the attackers' sights. This is also shown by an analysis by Kaspersky: more and more PCs used in industry are affected by cyber threats and have had to fend off attacks. Every sixth device was affected. In 2023, Kaspersky's ICS security solutions blocked malicious objects on 18.3 percent of industrial computers in Germany; this corresponds to a slight increase compared to the previous year (15.1 percent). The majority of threats were denylisted Internet resources (5.8 percent), malicious scripts and phishing sites (6.1 percent), and malicious documents (1.5 percent). It went…

KRITIS: OT and IoT network anomalies are ubiquitous

A new report shows that network anomalies and attacks are the most common threats to OT and IoT environments, especially in the area of critical infrastructure. Vulnerabilities in critical production areas have increased by 230 percent. Nozomi Networks has released its latest Networks Labs OT & IoT Security Report. The experts' analysis shows that network anomalies and attacks represent the greatest threat to OT and IoT environments. Another reason for concern: vulnerabilities in critical production areas have increased by 230 percent. Therefore, cybercriminals have many more opportunities to access networks and cause these anomalies. Collected telemetry data…

China: Companies must report vulnerabilities – hackers are already waiting

By law, companies in China, including foreign ones, are obliged to immediately report vulnerabilities in systems and errors in code to a government agency. However, experts warn that China uses state-controlled hackers and could use the information about the vulnerabilities to gain almost unhindered access to companies' systems. The Atlantic Council think tank has published a report analyzing the new Chinese regulation that requires companies to report security vulnerabilities and errors in code to the government's Ministry of Industry and Information Technology (MIIT) within 48 hours.

Identified: Risky OT and ICS devices in KRITIS

Armis has published a study identifying the riskiest OT and ICS devices in critical infrastructure. It shows the threats to critical infrastructure in manufacturing, utilities and transportation. Data analyzed by the Armis Asset Intelligence and Security platform, which monitors more than three billion assets, revealed that the operational technology (OT) and industrial control systems (ICS) devices that pose the greatest risk to these industries are engineering workstations, SCADA servers, automation servers, data historians and programmable logic controllers (PLCs).

Prioritization and vulnerability management remain an issue

Research found that engineering workstations…
