Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
 |
2025-02-17 11:56:58 |
IT Vulnerability Report: Ivanti, Apple Fixes Urged by Cyble |
Overview
Cyble's vulnerability intelligence report to clients last week highlighted flaws in Ivanti, Apple, Fortinet, and SonicWall products.
The report from Cyble Research and Intelligence Labs (CRIL) examined 22 vulnerabilities and dark web exploits, including some with significant internet-facing exposures.
Microsoft had a relatively quiet Patch Tuesday, with the most noteworthy fixes being for two actively exploited zero-day vulnerabilities (CVE-2025-21391, a Windows Storage Elevation of Privilege Vulnerability, and CVE-2025-21418, a Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability), but other IT vendors also issued updates on the second Tuesday of the month. Both Microsoft vulnerabilities were added to CISA's Known Exploited Vulnerabilities catalog.
Cyble's vulnerability intelligence unit highlighted five new vulnerabilities as meriting high-priority attention by security teams, plus a month-old vulnerability at elevated risk of attack.
The Top IT Vulnerabilities
Three of the vulnerabilities highlighted by Cyble (CVE-2025-22467, CVE-2024-38657, and CVE-2024-10644) affect Ivanti Connect Secure (ICS), a secure |
Vulnerability
Threat
Patching
Industrial
|
|
★★★
|
 |
2025-02-16 03:03:45 |
Roping in cyber risk quantification across industrial networks to safeguard OT asset owners amid rising threats |
With the changing threat environment, industrial and operational environments are under greater pressure than ever to reconcile operational...
|
Threat
Industrial
|
|
★★★
|
 |
2025-02-14 18:00:58 |
S4x25: A Market at an Inflection Point – A Deep Dive |
This year's S4x25 in Tampa was not just another industry event - it was a turning point for the industrial...
|
Industrial
|
|
★★★
|
 |
2025-02-14 17:39:09 |
Dragos reports evolving ransomware threat landscape with increased operational disruptions as attacks target ICS |
Industrial cybersecurity company Dragos revealed that during the fourth quarter of 2024, the ransomware threat landscape presented an...
|
Ransomware
Threat
Industrial
|
|
★★★
|
 |
2025-02-14 15:00:00 |
How to Navigate Network Security in a Rapidly Evolving OT Cyber Threat Landscape |
Operational technology (OT) environments are the backbone of critical industries – electric, oil and gas, and manufacturing, and are increasingly...
The post How to Navigate Network Security in a Rapidly Evolving OT Cyber Threat Landscape first appeared on Dragos. |
Threat
Industrial
|
|
★★
|
 |
2025-02-14 13:02:32 |
In Other News: $10,000 YouTube Flaw, Cybereason CEO Sues Investors, New OT Security Tool |
Noteworthy stories that might have slipped under the radar: Google pays $10,000 bug bounty for YouTube vulnerability, Cybereason CEO sues two investors, Otorio launches new OT security tool.
|
Tool
Vulnerability
Industrial
|
|
★★★
|
 |
2025-02-13 12:36:29 |
S4x25: NVIDIA debuts AI platform for critical infrastructure security, partners with industry leaders |
Technology company NVIDIA announced Wednesday at the ongoing S4x25 industrial cybersecurity event their adoption of the NVIDIA cybersecurity...
|
Industrial
|
|
★★★
|
 |
2025-02-13 12:32:51 |
Schneider Electric's SCADAPack 470i, 474i to redefine OT cybersecurity for remote, rugged operations |
Schneider Electric, vendor of digital transformation of energy management and automation, has announced new OT (operational technology) cybersecurity...
|
Industrial
|
|
★★★
|
 |
2025-02-13 12:32:13 |
Asimily, Carahsoft partner to bring IoT/OT cybersecurity solutions to public sector |
Asimily, an IoT, OT and IoMT company, and Carahsoft Technology announced Wednesday a partnership. Under the agreement, Carahsoft...
|
Industrial
|
|
★★★
|
 |
2025-02-13 12:24:42 |
Salvador Technologies launches Edge-Recovery Platform to revolutionize OT, ICS cyber resilience |
Salvador Technologies introduced an Edge-Recovery Platform, a leap forward in comprehensive cyber resilience in the Operational Technology (OT)...
|
Industrial
|
|
★★★
|
 |
2025-02-13 11:15:54 |
(Déjà vu) Cyble Warns of Exposed Medical Imaging, Asset Management Systems |
Overview
Cyble's weekly industrial control system (ICS) vulnerability report to clients warned about internet-facing medical imaging and critical infrastructure asset management systems that could be vulnerable to cyberattacks.
The report examined six ICS, operational technology (OT), and Supervisory Control and Data Acquisition (SCADA) vulnerabilities in total, but it focused on two in particular after Cyble detected web-exposed instances of the systems.
Orthanc, Trimble Cityworks Vulnerabilities Highlighted by CISA
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued advisories alerting users to vulnerabilities in medical imaging and asset management products.
Orthanc is an open-source DICOM server used in healthcare environments for medical imaging storage and retrieval, while Trimble Cityworks is a GIS-centric asset management system used to manage all infrastructure assets for airports, utilities, municipalities, and counties.
In a February 6 ICS medical advisory, CISA said the Orthanc server prior to version 1.5.8 does not enable basic authentication by default when remote access is enabled, which could result in unauthorized access by a malicious actor. The Missing Authentication for Critical Function vulnerability, CVE-2025-0896, has been assigned a CVSS v3.1 base score of 9.8, just below the maximum score of 10.0.
Orthanc recommends that users update to the latest version or enable HTTP authentication by setting the configuration "AuthenticationEnabled": true in the configuration file.
Cyble provided a publicly accessible search query for its ODIN vulnerability search tool, which users can use to find potentially vulnerable instances.
“This flaw requires urgent attention, as Cyble researchers have identified multiple internet-facing Orthanc instances, increasing the risk of exploitation,” the Cyble report said. “The exposure of vulnerable instances could allow unauthorized access to sensitive medical data, manipulation of imaging records, or even unauthorized control over the server. Given the high stakes in healthcare cybersecurity, immediate patching to version 1.5.8 or later, along with restricting external access, is strongly recommended to mitigate potential threats. |
Tool
Vulnerability
Threat
Patching
Industrial
Medical
|
|
★★★
|
 |
2025-02-13 03:59:50 |
IIoT Security Threats Reshape Factory Protection Strategies |
Modern factories are increasingly relying on Industrial Internet of Things (IIoT) solutions. This shift is beneficial in many regards, including higher efficiency and transparency, but it also introduces unique cybersecurity concerns. Better vulnerability management for IIoT systems is essential if companies hope to make the most of this technology. The White House's 2024 cybersecurity report named critical infrastructure risks and supply chain exploits as two of the top threats facing the U.S. today. Notably, IIoT systems play a key role in both categories. Heavy industries must become aware... |
Vulnerability
Industrial
|
|
★★
|
 |
2025-02-12 18:18:25 |
S4x25 fireside chat: Dale Peterson and Paul Griswold discuss evolution of ICS security |
At the S4x25 event, Dale Peterson sat down with Paul Griswold, former chief product officer at Honeywell, for...
|
Industrial
|
|
★★★
|
 |
2025-02-12 18:10:49 |
S4x25 Keynote: Dale Peterson challenges OT security professionals to rethink risk prioritization |
At S4x25, Dale Peterson delivered a keynote that wasn't just a presentation - it was a call to action. Known...
|
Industrial
|
|
★★★
|
 |
2025-02-12 15:40:31 |
Cyolo set to advance, transform cyber physical systems with NVIDIA cybersecurity AI platform |
Cyolo, provider of secure remote access solutions for operational technology (OT) and industrial control systems (ICS), announced on...
|
Industrial
|
|
★★★
|
 |
2025-02-11 22:42:29 |
Navigating the Hype of AI in Operational Technology |
At the ongoing S4x25 conference, Jeffrey Macre, industrial security solutions architect at Darktrace, highlighted the rapidly evolving role...
|
Industrial
Conference
|
|
★★★
|
 |
2025-02-11 22:26:35 |
EmberOT debuts IgniteOnsite, its portable OT cybersecurity assessment and response bundle |
EmberOT, provider of industrial asset and network monitoring solutions, announced Tuesday the launch of IgniteOnsite, a portable OT...
|
Industrial
|
|
★★★
|
 |
2025-02-11 15:40:46 |
Dispel, Nozomi Networks deliver integrated zero trust security solutions for OT/IoT environments |
Dispel, a vendor of secure remote access solutions for industrial control systems (ICS) and operational technology (OT), and...
|
Industrial
|
|
★★★
|
 |
2025-02-11 13:00:00 |
Dragos Industrial Ransomware Analysis: Q4 2024 |
In the fourth quarter (October to December) of 2024, the ransomware threat landscape presented an increasingly dynamic ecosystem, with multiple...
The post Dragos Industrial Ransomware Analysis: Q4 2024 first appeared on Dragos. |
Ransomware
Threat
Industrial
|
|
★★★
|
 |
2025-02-10 19:41:48 |
BSidesICS 2025: Rob Lee's opening keynote sets tone for future of ICS security |
Robert M. Lee, CEO and co-founder of industrial cybersecurity firm Dragos, delivered a compelling opening keynote at BSidesICS...
|
Industrial
|
|
★★
|
 |
2025-02-10 13:34:05 |
Cyble Warns of Patient Monitor Risk in ICS Vulnerability Report |
Cyble's weekly industrial control system (ICS) vulnerability report to clients included a warning about a severe vulnerability in a patient monitor that could potentially compromise patient safety.
In all, the report covered 36 ICS, operational technology (OT) and Supervisory Control and Data Acquisition (SCADA) vulnerabilities, 31 of which affect critical manufacturing and energy systems. Ten of the 36 vulnerabilities were rated “critical” and 17 carried high-risk ratings.
Patient Monitor Vulnerability Carries a 9.8 Risk Rating
The patient monitor vulnerability, CVE-2024-12248, was one of three flaws in Contec Health CMS8000 Patient Monitors that were addressed in a January 30 advisory from the U.S. Cybersecurity and Infrastructure Security Agency (CISA). CISA said the vulnerabilities were reported to the agency anonymously.
The Food and Drug Administration (FDA) also issued an alert about the vulnerabilities the same day. The FDA said the flaws “may put patients at risk after being connected to the internet,” but added that the agency “is not aware of any cybersecurity incidents, injuries, or deaths related to these cybersecurity vulnerabilities at this time.”
The FDA advisory contained recommendations for patients and caregivers for mitigating the risk that included the following advice:
“If your health c |
Tool
Vulnerability
Patching
Industrial
Medical
|
|
★★
|
 |
2025-02-09 14:43:38 |
S4x25 and BSidesICS: Where industrial cybersecurity experts converge to foster collaboration and innovation |
As the industrial cybersecurity community converges in Tampa, Florida for the upcoming S4x25 and BSidesICS events, there is...
|
Industrial
|
|
★★★
|
 |
2025-02-07 16:00:00 |
What's Next for Operational Technology Security? |
Get insights into OT cybersecurity predictions and trends for 2025. Learn more. |
Industrial
|
|
★★
|
 |
2025-02-07 14:24:04 |
UTSI International joins ThreatGEN partner program to boost cybersecurity preparedness for critical infrastructure |
UTSI International Corporation, vendor of Industrial Control System (ICS) cybersecurity and critical infrastructure protection, has joined the ThreatGEN...
|
Industrial
|
|
★★★
|
 |
2025-02-07 14:22:49 |
Ampyx Cyber appoints Andrew Luccitti as chief revenue officer to push growth, innovation in industrial cybersecurity |
Ampyx Cyber, a consulting firm specializing in industrial control systems (ICS) and operational technology (OT) security, announced on...
|
Industrial
|
|
★★
|
 |
2025-02-07 07:00:00 |
A Rose by Any Other Name: Exposure Management, a Category that Evolved from Traditional Vulnerability Management |
As organizations increase their reliance on cloud services, remote work tools, IoT devices and smart infrastructures, and the use of third-party vendors, their exposure to cyber threats increases. Traditional approaches to vulnerability management are unable to keep up with rapidly changing business needs and an expanding attack surface. While scanning and patching known vulnerabilities remains critical, today’s complex threat landscape demands a more comprehensive strategy. Exposures encompass the total attack surface and all potential security gaps across an organization’s entire digital infrastructure. Examples include known vulnerabilities, misconfigurations, and uncovered weaknesses. These differ from vulnerabilities, which are specific weaknesses or flaws in a system that could be exploited. Security leaders should consider adopting a holistic exposure management program to address both known and unknown exposures.
First let’s understand what exposure management is.
Exposure Management represents a comprehensive approach that looks at an organization’s entire attack surface and potential security risks across all their digital assets, both internally and externally. It goes beyond identifying and remediating vulnerabilities by providing a much wider view of an organization’s security posture. This approach enables businesses to understand the full breadth of their attack surface and exposures, and prioritize actions based on potential impact.
The evolution from vulnerability management to exposure management is becoming increasingly critical, according to Gartner. In their 2024 report, “How to Grow Vulnerability Management into Exposure Management," Gartner emphasizes that exposure management is more than just tools - it’s a comprehensive methodology that integrates people, processes, and technologies to effectively evaluate and assess exposures across both digital and physical assets. Gartner also highlights how this approach enhances and contextualizes security initiatives by providing data-driven insights into which assets, configurations, and vulnerabilities pose the greatest business risk. This allows security teams to effectively prioritize and allocate resources towards the most impactful remediations, tailored to their specific needs, industry threats, and business priorities. This approach strengthens key capabilities such as threat detection, investigation, and response (TDIR), and cyber risk management.
How Has Exposure Management Evolved from Traditional Vulnerability Management?
Vulnerability management has been a staple of security programs for decades. It’s long been considered a requirement for “good cyber hygiene.” However, many organizations still struggle with properly managing the large volume of vulnerabilities in their environment, including prioritizing mitigation or remediation of the vulnerabilities that pose the greatest risk. Welcome “exposure management.” While vulnerability management focuses primarily on identifying and patching known vulnerabilities, exposure management has evolved to unify multiple security disciplines (including asset configuration, and patch management) into a comprehensive view of an organization’s attack surface – enabling teams to better identify, and prioritize critical exposures, particularly those actively exploited in the wild. Vulnerability management is a critical subset of exposure management, focusing on the detection and correction of security weaknesses.
Vulnerability management alone can’t address the full spectrum of security risks organizations face today, particularly with the increasing complexity brought by digital transformation.
Key Functions of Vulnerability Management vs. Exposure Management
|
Tool
Vulnerability
Threat
Patching
Mobile
Industrial
Cloud
Technical
|
|
★★★
|
 |
2025-02-06 15:53:29 |
Simon Chassar now part of EmberOT industrial security startup as advisory board member |
EmberOT, provider of industrial asset and network monitoring solutions, is pleased to announce that Simon Chassar has joined...
|
Industrial
|
|
★★★
|
 |
2025-02-06 11:44:16 |
CISA Issues Nine Critical Industrial Control Systems Advisories, Addressing Vulnerabilities in Key Equipment |
Overview
The Cybersecurity and Infrastructure Security Agency (CISA) released a series of nine Industrial Control Systems (ICS) advisories on February 4, 2025. These CISA ICS advisories provide essential information about vulnerabilities, security risks, and recommended mitigations affecting various industrial control systems and their components.
The advisories, which highlight numerous threats across a variety of devices, emphasize the need for vigilance and prompt action to protect critical infrastructure from potential exploits. The nine advisories address flaws found in systems from notable vendors such as Schneider Electric, Rockwell Automation, and AutomationDirect.
These vulnerabilities can allow attackers to disrupt operations, gain unauthorized access, or even execute remote code on compromised devices.
Details of the Industrial Control Systems Advisories
1. Western Telematic Inc. Vulnerability
Advisory Code: ICSA-25-035-01
Vulnerable Products:
NPS Seri |
Vulnerability
Threat
Legislation
Industrial
|
|
★★★
|
 |
2025-02-05 14:22:43 |
Cyber Insights 2025: OT Security |
Just as OT technology differs from IT technology, the threats, likely adversaries, and potential harm also differ.
|
Industrial
|
|
★★
|
 |
2025-02-05 13:04:58 |
Risk Mitigation Consulting secures $95M navy contract to lead mission assurance, industrial cybersecurity efforts |
Risk Mitigation Consulting (RMC), provider of risk management, industrial cybersecurity solutions and engineering services for critical infrastructure and...
|
Industrial
|
|
★★
|
 |
2025-02-05 10:49:54 |
Claroty exposes OT security crisis, reveals insecure Internet connections amid rising ransomware threats |
Claroty reported on Tuesday that threats to operational technology (OT) infrastructure within critical infrastructure installations are increasingly getting...
|
Ransomware
Industrial
|
|
★★
|
 |
2025-02-04 17:40:09 |
Ontinue expands AI-powered MXDR services to protect IoT, OT environments with ION for IoT Security |
Ontinue, provider of AI-powered managed extended detection and response (MXDR) services, announced the expansion of its managed services...
|
Industrial
|
|
★★★
|
 |
2025-02-04 16:15:22 |
Russian cyber research companies post alerts about infostealer, industrial threats |
Moscow-based cybersecurity company BI.ZONE posted an analysis of the Nova infostealer as other Russian firms warned about cyber-espionage and threats against industrial facilities. |
Industrial
|
|
★★★
|
 |
2025-02-04 15:50:45 |
NIST SP 800-82r3: Enhancing OT Security with Dragos and NP-View |
As cyber threats continue to evolve and target critical infrastructure, organizations need robust guidelines and solutions to protect their industrial...
The post NIST SP 800-82r3: Enhancing OT Security with Dragos and NP-View first appeared on Dragos. |
Industrial
|
|
★★★
|
 |
2025-02-04 12:51:51 |
Palo Alto-Siemens whitepaper flags critical OT vulnerabilities; as manufacturing sector faces alarming cybersecurity risks |
A recent whitepaper published by Palo Alto Networks and Siemens revealed that the exploitation of remote services is...
|
Vulnerability
Industrial
|
|
★★★
|
 |
2025-02-02 08:35:39 |
Evolving role of women in OT/ICS cybersecurity, as S4x25 and BSides for ICS 2025 address inclusion, resilience |
As the OT and ICS cybersecurity landscape continues to evolve, so does the role of women as they...
|
Industrial
|
|
★★★
|
 |
2025-02-02 07:51:12 |
Hall of Fame – Industrial Cybersecurity Engineer Sarah Freeman |
In an exclusive interview for the Hall of Fame series, Industrial Cyber spoke with Sarah Freeman, chief engineer...
|
Industrial
|
|
★★★
|
 |
2025-02-01 20:59:57 |
Ransomware Attack Targets Indian Tech Giant Tata Technologies |
In a significant cyberattack, Tata Technologies, a prominent Indian multinational engineering and design services company, has fallen victim to a ransomware attack.
The company temporarily paused some of its IT assets as a precautionary measure; these have now been fully restored.
However, the Client delivery services were fully functional after the cyberattack and remain unaffected.
“This is to inform you that the Company has become aware of a ransomware incident that has affected a few of our IT assets,” the company said in its filing with the Indian stock exchanges, BSE & NSE.
“As a precautionary measure, some of the IT services were suspended temporarily and have now been restored. Our Client delivery services have remained fully functional and unaffected throughout.”
While the company did not disclose specific details about the ransomware attack, it said it is conducting a detailed investigation in collaboration with cybersecurity experts to assess the root cause and take necessary remedial action.
“We remain committed to the highest standards of security and data protection and are taking all necessary steps to mitigate any potential risks,” the notice added.
Meanwhile, Tata Technologies reassured its stakeholders that it was taking swift action to mitigate the impact and prevent further damage. “Our primary focus is on restoring operations while ensuring that any stolen or compromised data does not fall into the wrong hands,” said a spokesperson from the company.
For those unaware, Tata Technologies is a subsidiary of the Tata Group that provides innovative solutions to sectors such as automotive, aerospace, and industrial machinery.
As of now, no ransomware gang has claimed responsibility for the cyberattack on Tata Technologies, nor has the company disclosed whether it paid a ransom demand.
Keep watching this space for more updates, as this story is developing!
|
Ransomware
Industrial
|
|
★★★
|
 |
2025-01-31 10:28:38 |
ISA releases updated ANSI/ISA-62443-2-1-2024 standard to strengthen industrial cybersecurity |
The International Society of Automation (ISA) announced this week release of ANSI/ISA-62443-2-1-2024, an update to industrial automation and...
|
Industrial
|
|
★★★
|
 |
2025-01-30 08:42:50 |
ICS Vulnerability Report: Cyble Urges Critical mySCADA Fixes |
Overview
A pair of 9.8-severity flaws in mySCADA myPRO Manager SCADA systems were among the vulnerabilities highlighted in Cyble's weekly Industrial Control System (ICS) Vulnerability Intelligence Report.
Cyble Research & Intelligence Labs (CRIL) examined eight ICS vulnerabilities in the January 28 report for clients, including high-severity flaws in critical manufacturing, energy infrastructure, and transportation networks.
OS Command Injection (CWE-78) and Improper Security Checks (CWE-358, CWE-319) accounted for half of the vulnerabilities in the report, “indicating a persistent challenge in securing authentication and execution processes in ICS environments,” Cyble said.
Critical mySCADA Vulnerabilities
The critical mySCADA myPRO supervisory control and data acquisition (SCADA) vulnerabilities haven't yet appeared in the NIST National Vulnerability Database (NVD) or the MITRE CVE database, but they were the subject of a CISA ICS advisory on January 23.
The mySCADA myPRO Manager system provides user interfaces and functionality for real-time monitoring and control of industrial processes across a range of critical industries and applications. CISA said the vulnerabilities can be exploited remotely with low attack complexity, potentially allowing a remote attacker to execute arbitrary commands or disclose sensitive information.
CVE-2025-20061 was assigned a CVSS v3.1 base score of 9.8 and is an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. CISA said mySCADA myPRO does not properly neutralize POST requests sent to a specific port with email information, so the vulnerability could be used to execute arbitrary commands on an affected system.
CVE-2025-20014 is also a 9.8-severity OS Command Injection vulnerability, as myPRO also does not properly neutralize POST requests sent to a specific port with version information, which could potentially lead to an attacker executing arbitrary commands.
The following mySCADA products are affected:
myPRO Manager: Versions prior to 1.3
myPRO Runtime: Versions prior to 9.2.1
mySCADA recommends that users update to the latest versions:
mySCADA PRO Manager 1.3
mySCADA PRO Runtime 9.2.1
|
Tool
Vulnerability
Patching
Industrial
|
|
★★★
|
 |
2025-01-29 14:00:00 |
Adversarial Misuse of Generative AI (direct link) |
Rapid advancements in artificial intelligence (AI) are unlocking new possibilities for the way we work and accelerating innovation in science, technology, and beyond. In cybersecurity, AI is poised to transform digital defense, empowering defenders and enhancing our collective security. Large language models (LLMs) open new possibilities for defenders, from sifting through complex telemetry to secure coding, vulnerability discovery, and streamlining operations. However, some of these same AI capabilities are also available to attackers, leading to understandable anxieties about the potential for AI to be misused for malicious purposes.
Much of the current discourse around cyber threat actors' misuse of AI is confined to theoretical research. While these studies demonstrate the potential for malicious exploitation of AI, they don't necessarily reflect the reality of how AI is currently being used by threat actors in the wild. To bridge this gap, we are sharing a comprehensive analysis of how threat actors interacted with Google's AI-powered assistant, Gemini. Our analysis was grounded by the expertise of Google's Threat Intelligence Group (GTIG), which combines decades of experience tracking threat actors on the front lines and protecting Google, our users, and our customers from government-backed attackers, targeted 0-day exploits, coordinated information operations (IO), and serious cyber crime networks.
We believe the private sector, governments, educational institutions, and other stakeholders must work together to maximize AI's benefits while also reducing the risks of abuse. At Google, we are committed to developing responsible AI guided by our principles, and we share |
Ransomware
Malware
Tool
Vulnerability
Threat
Studies
Legislation
Mobile
Industrial
Cloud
Technical
Commercial
|
APT 41
APT 43
APT 42
|
★★★
|
 |
2025-01-29 13:01:36 |
New ICS Vulnerabilities Discovered in Schneider Electric and B&R Automation Systems (direct link) |
Overview
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued two urgent advisories regarding serious ICS vulnerabilities in industrial control systems (ICS) products. These ICS vulnerabilities, identified in Schneider Electric's RemoteConnect and SCADAPack x70 Utilities, as well as B&R Automation's Runtime software, pose online risks to critical infrastructure systems worldwide. The ICS vulnerabilities, if exploited, could lead to potentially devastating impacts on the integrity, confidentiality, and availability of systems within energy, critical manufacturing, and other essential sectors.
Schneider Electric's Vulnerability in RemoteConnect and SCADAPack x70 Utilities
The ICS vulnerability in Schneider Electric's RemoteConnect and SCADAPack x70 Utilities arises from the deserialization of untrusted data, identified as CWE-502. This flaw could allow attackers to execute remote code on affected workstations, leading to several security risks, including the loss of confidentiality and integrity. The issue is triggered when a non-admin authenticated user opens a malicious project file, which could potentially be introduced through email, file sharing, or other methods.
Schneider Electric has assigned the CVE identifier CVE-2024-12703 to this vulnerability, with a base CVSS v3 score of 7.8 and a CVSS v4 score of 8.5. Both versions highlight the severity of the issue, with potential consequences including unauthorized remote code execution.
This vulnerability affects all versions of both RemoteConnect and SCADAPack x70 Utilities, products widely deployed in sectors such as energy and critical manufacturing across the globe. Although Schneider Electric is working on a remediation plan for future product versions, there are interim steps that organizations can take to mitigate the risk. These include:
Only opening project files from trusted sources
Verifying file integrity by computing and checking hashes regularly
Encrypting project files and restricting access to trusted users
Using secure communication protocols when exchanging files over the network
Following established SCADAPack Security Guidelines for added protection
CISA recommends minimizing the network exposure of control system devices, ensuring they are not directly accessible from the internet, and placing control system networks behind firewalls to isolate them from business networks. When remote access is necessary, using secure methods like Virtual Private Networks (VPNs) is strongly advised. However, organizations should ens |
Vulnerability
Threat
Patching
Industrial
|
|
★★★★
|
 |
2025-01-29 10:00:37 |
Threat predictions for industrial enterprises 2025 (direct link) |
Kaspersky ICS CERT analyzes industrial threat trends and makes forecasts on how the industrial threat landscape will look in 2025. |
Threat
Industrial
|
|
★★★★
|
 |
2025-01-29 08:15:23 |
CISA flags hardware vulnerabilities in ICS and medical devices; affects B&R, Schneider Electric, Rockwell, BD Systems (direct link) |
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released six industrial control systems (ICS) advisories and updated an...
|
Vulnerability
Industrial
Medical
|
|
★★★
|
 |
2025-01-28 20:35:51 |
Sphinx France and Seckiot join forces to protect industrial infrastructure with OT cybersecurity solutions (direct link) |
Sphinx France and Seckiot join forces to protect industrial infrastructure with advanced OT cybersecurity solutions
-
Business |
Industrial
|
|
★★★
|
 |
2025-01-28 13:50:09 |
Frenos secures $3.88 million funding; to push product development, market penetration in OT cybersecurity (direct link) |
Autonomous operational technology (OT) security assessment platform Frenos announced Tuesday the closing of a US$3.88 million financing round,...
|
Industrial
|
|
★★
|
 |
2025-01-28 11:31:57 |
Forescout 2024 Threat Report warns of intensifying cyber threats in 2025, as OT protocols increasingly targeted (direct link) |
Data released by Forescout Technologies disclosed that cybersecurity will be a primary concern for both enterprise and government...
|
Threat
Industrial
|
|
★★★★
|
 |
2025-01-26 09:01:19 |
Need to build robust industrial supply chain security while considering emerging technologies (direct link) |
As the industrial sector advances into 2025, industrial supply chain security is increasingly likely to be defined by...
|
Industrial
|
|
★★★
|
 |
2025-01-23 14:30:52 |
Forescout reports growth in US federal business, with 38% rise in DoD sector and NIAP certification for OT solution (direct link) |
Forescout Technologies announced that the company delivered record double digit growth in its US Federal Government business. The...
|
Industrial
|
|
★★★
|
 |
2025-01-23 14:28:14 |
DeNexus report: 92% of industrial sites at risk of cyber threats, potential losses reach $1.5 million (direct link) |
DeNexus, vendor of end-to-end cyber risk management for operational technology (OT) in industrial enterprises and critical infrastructure installations...
|
Industrial
|
|
★★★
|