Posts for category: ICS Weekly Executive Summaries

INFRA:HALT – New NicheStack Vulnerabilities Affecting Critical OT Devices

(By: Anthony Eich on October 21, 2021) Executive Summary NicheStack is a proprietary Internet Protocol version 4 (IPv4) network layer that is used in embedded operating systems in industrial ...

Hikvision: Chinese Surveillance Camera Vulnerability Exposes Zero-Click Network Compromise

(By: Anthony Eich on September 30, 2021) Executive Summary A critical vulnerability has been found in the firmware of surveillance devices manufactured by Hikvision, a Chinese based tech company. ...

Securing the Future of Industrial Automation: The Crossroads of IT & OT

(By: Anthony Eich September 23, 2021) Executive Summary Industrial Control Systems (ICS) are devices used to maintain operability of machinery and equipment. They are small devices with computer ...

Kaylay Platform Vulnerability Compromises Smart Home Security

(By: Anthony Eich on September 17, 2021) Executive Summary A new Critical Vulnerability and Exposure (CVE) that effects over 83 million Internet of Things (IoT) security devices has been ...

Oldsmar Water Treatment Facility Attack

(By: Edgar Namoca on February 18, 2021) Executive Summary On February 5, 2021, adversaries we able to gain remote access to the Oldsmar water treatment plant [1].  The Oldsmar water ...

Ransomware Attack on the University of Vermont Health Network

(By: Edgar Namoca on February 3, 2021) Executive Summary The most recent and still ongoing attack is the ransomware attack on the University of Vermont (UVM) health network.  On October 28, 2020, ...

Urgent / 11

(By: Edgar Namoca on February 2, 2021) Executive Summary Urgent/11 comprises eleven Zero-day flaws in the VxWorks real-time operating system (ROTS) [1]. VxWorks is a real-time operating ...

Increased activity of Dridex

(By: Edgar Namoca on October 22, 2020) Introduction June 30, 2020, the Cybersecurity and Infrastructure Security Agency (CISA) put out an advisory alert for a malware known as Dridex.  ...

Over 400 United States Hospitals Effected by Ransomware

(By: Edgar Namoca on October 15, 2020) Introduction September 28, 2020 United Health Services (UHS) was the victim of a ransomware attack [1].  This attack was initiated at midnight when ...

OilRig Targets Middle Eastern Telecommunications Organizations

(By: Edgar Namoca on September 17, 2020) Executive Summary On July 22, 2020 an article was published on the research of recent targeted attacks on Middle Eastern telecommunications ...