#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

industrial control system | Breaking Cybersecurity News | The Hacker News

Category — industrial control system
Critical Flaws Discovered in Popular Industrial Remote Access Systems

Critical Flaws Discovered in Popular Industrial Remote Access Systems

Oct 01, 2020
Cybersecurity researchers have found critical security flaws in two popular industrial remote access systems that can be exploited to ban access to industrial production floors, hack into company networks, tamper with data, and even steal sensitive business secrets. The flaws,  discovered  by Tel Aviv-based OTORIO, were identified in B&R Automation's SiteManager and GateManager, and MB Connect Line's mbCONNECT24, two of the popular remote maintenance tools used in automotive, energy, oil & gas, metal, and packaging sectors to connect to industrial assets from anywhere across the world. Six Flaws in B&R Automation's SiteManager and GateManager According to an  advisory published by the US Cybersecurity and infrastructure Security Agency (CISA) on Wednesday, successful exploitation of the B&R Automation vulnerabilities could allow for "arbitrary information disclosure, manipulation, and a denial-of-service condition." The flaws, ranging from p...
Industrial VPN Flaws Could Let Attackers Target Critical Infrastructures

Industrial VPN Flaws Could Let Attackers Target Critical Infrastructures

Jul 29, 2020
Cybersecurity researchers have discovered critical vulnerabilities in industrial VPN implementations primarily used to provide remote access to operational technology (OT) networks that could allow hackers to overwrite data, execute malicious code, and compromise industrial control systems (ICS). A new report published by industrial cybersecurity company Claroty demonstrates multiple severe vulnerabilities in enterprise-grade VPN installations, including Secomea GateManager M2M Server, Moxa EDR-G902, and EDR-G903, and HMS Networks eWon's eCatcher VPN client. These vulnerable products are widely used in field-based industries such as oil and gas, water utilities, and electric utilities to remotely access, maintain and monitor ICS and field devices, including programmable logic controllers (PLCs) and input/output devices. According to Claroty researchers, successful exploitation of these vulnerabilities can give an unauthenticated attacker direct access to the ICS devices an...
The Future of Serverless Security in 2025: From Logs to Runtime Protection

The Future of Serverless Security in 2025: From Logs to Runtime Protection

Nov 28, 2024Cloud Security / Threat Detection
Serverless environments, leveraging services such as AWS Lambda, offer incredible benefits in terms of scalability, efficiency, and reduced operational overhead. However, securing these environments is extremely challenging. The core of current serverless security practices often revolves around two key components: log monitoring and static analysis of code or system configuration. But here is the issue with that: 1. Logs Only Tell Part of the Story Logs can track external-facing activities, but they don't provide visibility into the internal execution of functions. For example, if an attacker injects malicious code into a serverless function that doesn't interact with external resources (e.g., external APIs or databases), traditional log-based tools will not detect this intrusion. The attacker may execute unauthorized processes, manipulate files, or escalate privileges—all without triggering log events. 2. Static Misconfiguration Detection is Incomplete Static tools that check ...
FireEye: Russian Research Lab Aided the Development of TRITON Industrial Malware

FireEye: Russian Research Lab Aided the Development of TRITON Industrial Malware

Oct 24, 2018
Cybersecurity firm FireEye claims to have discovered evidence that proves the involvement of a Russian-owned research institute in the development of the TRITON malware that caused some industrial systems to unexpectedly shut down last year, including a petrochemical plant in Saudi Arabia. TRITON , also known as Trisis, is a piece of ICS malware designed to target the Triconex Safety Instrumented System (SIS) controllers made by Schneider Electric which are often used in oil and gas facilities. Triconex Safety Instrumented System is an autonomous control system that independently monitors the performance of critical systems and takes immediate actions automatically if a dangerous state is detected. Since malware of such capabilities can't be created by a computer hacker without possessing necessary knowledge of Industrial Control Systems (ICS), researchers believe with "high confidence" that Moscow-based lab Central Scientific Research Institute of Chemistry and...
cyber security

Creating, Managing and Securing Non-Human Identities

websitePermisoCybersecurity / Identity Security
A new class of identities has emerged alongside traditional human users: non-human identities (NHIs). Permiso Security's new eBook details everything you need to know about managing and securing non-human identities, and strategies to unify identity security without compromising agility.
Dangerous Malware Discovered that Can Take Down Electric Power Grids

Dangerous Malware Discovered that Can Take Down Electric Power Grids

Jun 12, 2017
Last December, a cyber attack on Ukrainian Electric power grid caused the power outage in the northern part of Kiev — the country's capital — and surrounding areas, causing a blackout for tens of thousands of citizens for an hour and fifteen minutes around midnight. Now, security researchers have discovered the culprit behind those cyber attacks on the Ukrainian industrial control systems. Slovakia-based security software maker ESET and US critical infrastructure security firm Dragos Inc. say they have discovered a new dangerous piece of malware in the wild that targets critical industrial control systems and is capable of causing blackouts. Dubbed " Industroyer " or " CrashOverRide ," the grid-sabotaging malware was likely to be used in the December 2016 cyber attack against Ukrainian electric utility Ukrenergo , which the security firms say represents a dangerous advancement in critical infrastructure hacking. According to the researchers, CrashO...
KasperskyOS — Secure Operating System released for IoT and Embedded Systems

KasperskyOS — Secure Operating System released for IoT and Embedded Systems

Feb 21, 2017
Russian cyber security and antivirus vendor Kaspersky Lab has made available the much awaited KasperskyOS , a secure-by-design operating system based on Microkernel architecture which is specially designed for network devices, industrial control systems and the Internet of Things. The operating system is not made for your average home PC; instead, it is meant to protect industrial systems and embedded devices from cyber attacks by preventing any third-party or malicious code from executing. Kaspersky Lab CEO Eugene Kaspersky confirmed the rumors of a new operating system on his official blog published on Monday, saying this project under the codename 11-11 has been in the works for 14 years and has been designed from scratch. The reason behind developing KasperskyOS is simple: Growing Internet-of-Things and embedded devices in industrial control systems (ICS) to power critical infrastructure. It's quite easy for most companies to get rid of the virus-infected computer, ...
Understanding the Dangers of Stuxnet in Industrial Control Systems

Understanding the Dangers of Stuxnet in Industrial Control Systems

Dec 09, 2010
Stuxnet is a sophisticated virus specifically designed to attack supervisory control and data acquisition (SCADA) systems manufactured by Siemens, a German industrial giant. These systems are commonly used to manage water supplies, power plants, and other industrial facilities, making the worm particularly dangerous for governments. Who Wrote This Program? Experts in cybersecurity speculate that Stuxnet may have been created by a government or a well-financed group of investors. The virus is too complex to be the work of a single hacker. Given that much of the damage occurred in Iran, many believe Stuxnet was designed to sabotage the country's nuclear facilities. Cyber-Attacks Getting More Sophisticated Even if Stuxnet wasn't targeting U.S. infrastructure, its creation marks a new wave of cyberattacks. These attacks, including viruses and malware, aim at infrastructure such as power-generating facilities. This shift means we must now worry about more sophisticated threats, no...
Expert Insights / Articles Videos
Cybersecurity Resources