Omron’s NJ/NX-Series Machine Automation Controllers Vulnerabilities
Executive Summary On April 13, 2022, the Department of Energy (DOE), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of ...
Dataprobe’s iBoot-Power Distribution Unit (PDU) Vulnerabilities
Executive Summary On Tuesday, September 20, 2022, Cybersecurity and Infrastructure Security Agency (CISA) released an industrial control system advisory (ICSA-22-263-03) regarding seven serious ...
Executive Summary Cyber attackers and online criminal gangs have disrupted corporations and critical infrastructure globally through cyberterrorism for over 20 years. Today, they are utilizing ...
OT:ICEFALL – Forescout’s Vedere Labs Identifies 56 Vulnerabilities Impacting OT Devices
Executive Summary Vedere Labs researchers released a report, in June of 2022, concerning 56 new vulnerabilities in 26 models of ten different operational technology (OT) manufacturers' devices. ...
INFRA:HALT – New NicheStack Vulnerabilities Affecting Critical OT Devices
Executive Summary NicheStack is a proprietary Internet Protocol version 4 (IPv4) network layer that is used in embedded operating systems in industrial control devices (ICS) [7]. It allows for ...
Hikvision: Chinese Surveillance Camera Vulnerability Exposes Zero-Click Network Compromise
Executive Summary A critical vulnerability has been found in the firmware of surveillance devices manufactured by Hikvision, a Chinese based tech company. The vulnerability can be exploited ...
Securing the Future of Industrial Automation: The Crossroads of IT & OT
Executive Summary Industrial Control Systems (ICS) are devices used to maintain operability of machinery and equipment. They are small devices with computer with operating systems known as ...
Kaylay Platform Vulnerability Compromises Smart Home Security
Executive Summary A new Critical Vulnerability and Exposure (CVE) that effects over 83 million Internet of Things (IoT) security devices has been found in the cloud platform of ThroughTek Co., ...
Oldsmar Water Treatment Facility Attack
(By: Edgar Namoca on February 18, 2021) Executive Summary On February 5, 2021, adversaries we able to gain remote access to the Oldsmar water treatment plant [1]. The Oldsmar water ...
Ransomware Attack on the University of Vermont Health Network
(By: Edgar Namoca on February 3, 2021) Executive Summary The most recent and still ongoing attack is the ransomware attack on the University of Vermont (UVM) health network. On October 28, 2020, ...