Siemens released an update for two builds of its SIMATIC automation system this week, addressing a quintet of issues, four of which are remotely exploitable.
Browsing Category: Critical Infrastructure
Researchers have identified several remotely exploitable vulnerabilities in a wireless remote monitoring product from OleumTech that is used in energy, water and other critical infrastructure sectors.
OpenSSL vulnerabilities discovered in a number of Siemens industrial control systems are being exploited in the wild. The company has updates available for some, but not all, of the affected products.
The new SSL Black List is a public list of certificates associated with a variety of malicious operations, including botnets, malware campaigns and banking Trojans.
The GAO issued a scathing report criticizing the lack of risk assessments and cybersecurity funding at shipping ports and other maritime facilities.
Yokogawa Electric Corp., of Japan patched critical buffer overflow flaws in its CENTUM and Exaopac production control system software.
In response to a FOIA request for information about the Operation Aurora attack on Google the Department of Homeland Security released hundreds of pages of documents related not to that attack campaign, but to the Aurora project run at Idaho National Lab years earlier
A China-linked hacker group known as Deep Panda has compromised a number of national security think tanks seeking information on U.S. policy in Iraq.
Experts question whether the Havex malware campaign targeting three European industrial control system software vendors is merely a dry run for something bigger.
The Havex RAT has infected the software update installers of three known industrial control system vendors, according to an advisory for ICS-CERT.