#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
Cloud Security

Industrial Control Systems | Breaking Cybersecurity News | The Hacker News

Category — Industrial Control Systems
Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches

Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches

Mar 11, 2025 ICS Security / Vulnerability
Taiwanese company Moxa has released a security update to address a critical security flaw impacting its PT switches that could permit an attacker to bypass authentication guarantees. The vulnerability, tracked as CVE-2024-12297 , has been assigned a CVSS v4 score of 9.2 out of a maximum of 10.0. "Multiple Moxa PT switches are vulnerable to an authentication bypass because of flaws in their authorization mechanism," the company said in an advisory released last week. "Despite client-side and back-end server verification, attackers can exploit weaknesses in its implementation. This vulnerability may enable brute-force attacks to guess valid credentials or MD5 collision attacks to forge authentication hashes, potentially compromising the security of the device." Successful exploitation of the shortcoming, in other words, could lead to an authentication bypass and allow an attacker to gain unauthorized access to sensitive configurations or disrupt services. The...
The High-Stakes Disconnect For ICS/OT Security

The High-Stakes Disconnect For ICS/OT Security

Jan 15, 2025 ICS Security / Threat Detection
Why does ICS/OT need specific controls and its own cybersecurity budget today? Because treating ICS/OT security with an IT security playbook isn't just ineffective—it's high risk. In the rapidly evolving domain of cybersecurity, the specific challenges and needs for Industrial Control Systems (ICS) and Operational Technology (OT) security distinctly stand out from traditional IT security. ICS/OT engineering systems, which power critical infrastructure such as electric power grids, oil and gas processing, heavy manufacturing, food and beverage processes, and water management facilities, require tailored cybersecurity strategies, and controls. This is due to the increasing attacks towards ICS/OT, their unique operational missions, a different risk surface than that of traditional IT networks, and the significant safety consequences from cyber incidents that impact the physical world. Critical infrastructure should be protected against today's threats to continue supporting national sa...
cyber security

10 Steps to Microsoft 365 Cyber Resilience

websiteVeeamCyber Resilience / Data Security
75% of organizations get hit by cyberattacks, and most report getting hit more than once. Read this ebook to learn 10 steps to take to build a more proactive approach to securing your organization's Microsoft 365 data from cyberattacks and ensuring cyber resilience.
Over 145,000 Industrial Control Systems Across 175 Countries Found Exposed Online

Over 145,000 Industrial Control Systems Across 175 Countries Found Exposed Online

Nov 21, 2024 ICS Security / IoT Security
New research has uncovered more than 145,000 internet-exposed Industrial Control Systems (ICS) across 175 countries, with the U.S. alone accounting for over one-third of the total exposures. The analysis , which comes from attack surface management company Censys, found that 38% of the devices are located in North America, 35.4% in Europe, 22.9% in Asia, 1.7% in Oceania, 1.2% in South America, and 0.5% in Africa. The countries with the most ICS service exposures include the U.S. (more than 48,000), Turkey, South Korea, Italy, Canada, Spain, China, Germany, France, the U.K., Japan, Sweden, Taiwan, Poland, and Lithuania. The metrics are derived from the exposure of several commonly-used ICS protocols like Modbus, IEC 60870-5-104, CODESYS, OPC UA, and others. One important aspect that stands out is that the attack surfaces are regionally unique: Modbus, S7, and IEC 60870-5-104 are more widely observed in Europe, while Fox, BACnet, ATG, and C-more are more commonly found in North Ame...
cyber security

The Ultimate Guide to SaaS Identity Security in 2025

websiteWing SecuritySaaS Security / Identity Threat Detection
Discover how to protect your SaaS apps from identity-based breaches with this expert 2025 guide—learn practical steps to secure every account and keep your data safe.
Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities

Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities

May 04, 2024 Cyber Espionage / Network Security
Czechia and Germany on Friday revealed that they were the target of a long-term cyber espionage campaign conducted by the Russia-linked nation-state actor known as  APT28 , drawing condemnation from the European Union (E.U.), the North Atlantic Treaty Organization (NATO), the U.K., and the U.S. The Czech Republic's Ministry of Foreign Affairs (MFA), in a statement, said some unnamed entities in the country have been attacked using a security flaw in Microsoft Outlook that came to light early last year. "Cyber attacks targeting political entities, state institutions and critical infrastructure are not only a threat to national security, but also disrupt the democratic processes on which our free society is based," the MFA  said . The security flaw in question is  CVE-2023-23397 , a now-patched critical privilege escalation bug in Outlook that could allow an adversary to access Net-NTLMv2 hashes and then use them to authenticate themselves by me...
Russian Hackers Sandworm Cause Power Outage in Ukraine Amidst Missile Strikes

Russian Hackers Sandworm Cause Power Outage in Ukraine Amidst Missile Strikes

Nov 10, 2023 Cyber Warfare / Network Security
The notorious Russian hackers known as  Sandworm  targeted an electrical substation in Ukraine last year, causing a brief power outage in October 2022. The findings come from Google's Mandiant, which described the hack as a "multi-event cyber attack" leveraging a novel technique for impacting industrial control systems (ICS). "The actor first used OT-level living-off-the-land ( LotL ) techniques to likely trip the victim's substation circuit breakers, causing an unplanned power outage that coincided with mass missile strikes on critical infrastructure across Ukraine," the company  said . "Sandworm later conducted a second disruptive event by deploying a new variant of  CaddyWiper  in the victim's IT environment." The threat intelligence firm did not reveal the location of the targeted energy facility, the duration of the blackout, and the number of people who were impacted by the incident. The development marks Sandworm's  continuous...
Experts Discuss Stuxnet's Long-Term Impact on Cybersecurity

Experts Discuss Stuxnet's Long-Term Impact on Cybersecurity

Dec 18, 2010
Stuxnet has both fascinated and horrified the cybersecurity community throughout 2010. Its multiple zero-day exploits, stealth capabilities, and precise control over industrial machinery mark it as a prime example of advanced cyber threats. Stuxnet represents both a nightmare and a dream for security researchers due to its sophisticated design and capabilities. Today, I moderated a panel on cybersecurity and infrastructure at the Washington Press Club, hosted by The Atlantic . I was eager to hear the panelists' insights on Stuxnet. I asked them to delve deeper than the usual "This is an existence proof of our worst fears" rhetoric and to identify more nuanced implications. The most intriguing response came from Bill Hunteman, senior advisor for cybersecurity at the Department of Energy. "This is just the beginning," Hunteman remarked. He explained that the advanced hackers who created Stuxnet "did all the hard work," and now the methods they develope...
Expert Insights / Articles Videos
Cybersecurity Resources