FreshRSS

🔒
❌ Secure Planet Training Courses Updated For 2019 - Click Here
☷
△ 🔃
There are new available articles, click to refresh the page.
☐ ☆ ✇ The Hacker News

Making Sense of Operational Technology Attacks: The Past, Present, and Future

By: The Hacker News — March 21st 2024 at 09:23
When you read reports about cyber-attacks affecting operational technology (OT), it’s easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the
☐ ☆ ✇ The Hacker News

Researchers Warn of Critical Security Bugs in Schneider Electric Modicon PLCs

By: Ravie Lakshmanan — February 16th 2023 at 13:18
Security researchers have disclosed two new vulnerabilities affecting Schneider Electric Modicon programmable logic controllers (PLCs) that could allow for authentication bypass and remote code execution. The flaws, tracked as CVE-2022-45788 (CVSS score: 7.5) and CVE-2022-45789 (CVSS score: 8.1), are part of a broader collection of security defects tracked by Forescout as OT:ICEFALL. Successful
☐ ☆ ✇ The Hacker News

Critical Bug in Siemens SIMATIC PLCs Could Let Attackers Steal Cryptographic Keys

By: Ravie Lakshmanan — October 12th 2022 at 10:41
A vulnerability in Siemens Simatic programmable logic controller (PLC) can be exploited to retrieve the hard-coded, global private cryptographic keys and seize control of the devices. "An attacker can use these keys to perform multiple advanced attacks against Siemens SIMATIC devices and the related TIA Portal, while bypassing all four of its access level protections," industrial cybersecurity
☐ ☆ ✇ The Hacker News

Hacktivist Group GhostSec Compromises 55 Berghof PLCs Across Israel

By: Ravie Lakshmanan — September 12th 2022 at 11:18
A hacktivist collective called GhostSec has claimed credit for compromising as many as 55 Berghof programmable logic controllers (PLCs) used by Israeli organizations as part of a "Free Palestine" campaign. Industrial cybersecurity firm OTORIO, which dug deeper into the incident, said the breach was made possible owing to the fact that the PLCs were accessible through the Internet and were
☐ ☆ ✇ The Hacker News

New Evil PLC Attack Weaponizes PLCs to Breach OT and Enterprise Networks

By: Ravie Lakshmanan — August 16th 2022 at 10:57
Cybersecurity researchers have elaborated a novel attack technique that weaponizes programmable logic controllers (PLCs) to gain an initial foothold in engineering workstations and subsequently invade the operational technology (OT) networks. Dubbed "Evil PLC" attack by industrial security firm Claroty, the issue impacts engineering workstation software from Rockwell Automation, Schneider
☐ ☆ ✇ The Hacker News

Hackers Distributing Password Cracking Tool for PLCs and HMIs to Target Industrial Systems

By: Ravie Lakshmanan — July 18th 2022 at 10:59
Industrial engineers and operators are the target of a new campaign that leverages password cracking software to seize control of Programmable Logic Controllers (PLCs) and co-opt the machines to a botnet. The software "exploited a vulnerability in the firmware which allowed it to retrieve the password on command," Dragos security researcher Sam Hanson said. "Further, the software was a malware
❌