ICS/OT – TFun dot org

Number of Ransomware Attacks on Industrial Orgs Drops Following Conti Shutdown

10/08/2022RedOne

The number of ransomware attacks on industrial organizations decreased from 158 in the first quarter of 2022 to 125 in the second quarter, and it may be — at least partially — a result of the Conti operation shutting down. read more

ICS Patch Tuesday: Siemens, Schneider Electric Fix Only 11 Vulnerabilities

09/08/2022RedOne

Industrial giants Siemens and Schneider Electric have addressed less than a dozen vulnerabilities in their August 2022 Patch Tuesday advisories, far fewer than in most of the previous months. read more

FEMA Urges Patching of Emergency Alert Systems, But Some Flaws Remain Unfixed

05/08/2022RedOne

The US Federal Emergency Management Agency (FEMA) has issued an advisory urging organizations to ensure that their emergency alert systems are patched, but a researcher says there are no patches for some of the vulnerabilities affecting these systems. read more

Securing Smart Cities from the Ground Up

28/07/2022RedOne

Smart City network infrastructure demands a proactive approach to find vulnerabilities before hackers find them read more

Moxa NPort Device Flaws Can Expose Critical Infrastructure to Disruptive Attacks

28/07/2022RedOne

Two potentially serious vulnerabilities that could allow threat actors to cause significant disruption have been found in a widely used industrial connectivity device made by Moxa. The Taiwan-based industrial networking and automation solutions provider has addressed the flaws. read more

Updated TSA Pipeline Cybersecurity Requirements Offer More Flexibility

25/07/2022RedOne

The Transportation Security Administration (TSA) has updated its directive for oil and natural gas pipeline cybersecurity, providing owners and operators more flexibility in achieving the outlined goals. read more

Hundreds of ICS Vulnerabilities Disclosed in First Half of 2022

21/07/2022RedOne

More than 600 industrial control system (ICS) product vulnerabilities were disclosed in the first half of 2022 by the US Cybersecurity and Infrastructure Security Agency (CISA), according to an analysis conducted by industrial asset and network monitoring company SynSaber. read more

PLC and HMI Password Cracking Tools Deliver Malware

18/07/2022RedOne

Tools advertised as being capable of cracking passwords for HMIs, PLCs and other industrial products have been found to exploit a zero-day vulnerability, and threat actors are using these tools to deliver malware. read more

Critical Infrastructure Operators Implementing Zero Trust in OT Environments

15/07/2022RedOne

A survey commissioned by cybersecurity company Xage shows that zero trust is on track to being implemented in many operational technology (OT) environments, particularly in critical infrastructure organizations. read more

Two Big OT Security Concerns Related to People: Human Error and Staff Shortages

14/07/2022RedOne

A survey of 3,500 security experts from around the world shows that a lot of the cybersecurity problems related to operational technology (OT) involve people, specifically human error and a significant shortage of staff. read more