#industrial-control-systems

[ follow ]
#cybersecurity #operational-technology #cisa #red-lion-sixnet #remote-code-execution #authentication-bypass
fromThe Hacker News
4 days ago

Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control

Red Lion's Sixnet RTUs provide advanced automation, control, and data acquisition capabilities in industrial automation and control systems, primarily across energy, water, and wastewater treatment, transportation, utilities, and manufacturing sectors. These industrial devices are configured using a Windows utility called Sixnet IO Tool Kit, with a proprietary Sixnet "Universal" protocol used to interface and enable communication between the kit and the RTUs.
Information security
Information security
fromSecurityWeek
1 week ago

The Y2K38 Bug Is a Vulnerability, Not Just a Date Problem, Researchers Warn

Time-related rollover bugs like Y2K38 and Y2036 are exploitable today, risking system failures, cybersecurity bypasses, and physical safety impacts in critical infrastructure.
#operational-technology
more#operational-technology
fromSecurityWeek
2 weeks ago

NIST Publishes Guide for Protecting ICS Against USB-Borne Threats

NIST has published a new guide designed to help organizations reduce cybersecurity risks associated with the use of removable media devices in operational technology (OT) environments. NIST Special Publication (SP) 1334 was authored by the National Cybersecurity Center of Excellence (NCCoE) and it focuses on the use of USB flash drives, but also mentions other types of removable media such as external hard drives and CD/DVD drives.
Information security
Information security
fromSecurityWeek
4 weeks ago

Unpatched Vulnerabilities Expose Novakon HMIs to Remote Hacking

Novakon HMIs contain multiple unauthenticated vulnerabilities enabling remote root code execution, with no available patches and the vendor largely unresponsive.
#cybersecurity
Information security
fromSecuritymagazine
5 months ago

CISA Warns of Cyberattacks Against Critical Oil and Gas Infrastructure

Cyberattacks are targeting critical oil and gas infrastructure systems, prompting urgent cybersecurity measures.
CISA, FBI, EPA, and DOE recommend improving cybersecurity for operational technology and industrial control systems.
more#cybersecurity
[ Load more ]