Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems

Cybersecurity researchers have flagged a new malware called ZionSiphon that appears to be specifically designed to target Israeli water treatment and desalination systems. The malware has been codenamed ZionSiphon by Darktrace, highlighting its ability to set up persistence, tamper with local...

Hybrid Ensemble Method for Detecting Cyber-Attacks in Water Distribution Systems Using the BATADAL Dataset

The cybersecurity of Industrial Control Systems that manage critical infrastructure such as Water Distribution Systems has become increasingly important as digital connectivity expands. BATADAL benchmark data is a good source of testing intrusion detection techniques, but it presents several...

Cybersecurity Flaws in US Drinking Water Systems Put 26 Million at Risk

The U.S. Environmental Protection Agency EPA Report Exposes Cybersecurity Risks in US Water Systems: Vulnerabilities in Critical Drinking…...

CISA is warning us (again) about the threat to critical infrastructure networks

Government-run water systems and other critical infrastructure are still at risk from state-sponsored actors, according to a renewed warning from the U.S. Cybersecurity and Infrastructure Security Agency. CISA released an advisory last week on the matter of days after a small water treatment...

Updated: Top Cyber Actions for Securing Water Systems

Today, CISA, the Environmental Protection Agency EPA, and the Federal Bureau of Investigation FBI updated the joint fact sheet Top Cyber Actions for Securing Water Systems. This update includes additional resources—from American Water Works Association, the WaterISAC, and MS-ISAC—to support water...

CISA, EPA, and FBI Release Top Cyber Actions for Securing Water Systems

Today, CISA, the Environmental Protection Agency EPA, and the Federal Bureau of Investigation FBI released the joint fact sheet Top Cyber Actions for Securing Water Systems. This fact sheet outlines the following practical actions Water and Wastewater Systems WWS Sector entities can take to bette...

CISA and Partners Release Joint Advisory on IRGC-Affiliated Cyber Actors Exploiting PLCs

Today, CISA, the Federal Bureau of Investigation FBI, National Security Agency NSA, Environmental Protection Agency EPA, and the Israel National Cyber Directorate INCD released a joint Cybersecurity Advisory CSA IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors in response to the acti...

IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities

Actions to take today to mitigate malicious activity: 1. Implement multifactor authentication. 2. Use strong, unique passwords. 3. Check PLCs for default passwords...

canberrahotwatersystems.com.au Cross Site Scripting vulnerability OBB-2829585

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

A DDoS Attack Wiped Out Andorra's Internet

Plus: Securing US water systems, the FBI's NSO Group dealings, and more of the week's top security news...

Ongoing Cyber Threats to U.S. Water and Wastewater Systems

Summary Immediate Actions WWS Facilities Can Take Now to Protect Against Malicious Cyber Activity • Do not click on suspicious links. • If you use RDP, secure and monitor it. • Usestrong passwords. • Usemulti-factor authentication. Note: This advisory uses the MITRE Adversarial Tactics, Technique...

Rockwell Automation Allen-Bradley Stratix 5950

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: Allen-Bradley Stratix 5950 Vulnerabilities: Improper Input Validation, Improper Certificate Validation, Resource Management Errors 2. RISK EVALUATION Successful...

Beckhoff TwinCAT

CVSS v3 7.8 ATTENTION: Low skill level to exploit. Vendor: Beckhoff Equipment: TwinCAT Vulnerability: Untrusted Pointer Dereference AFFECTED PRODUCTS Beckhoff reports that the vulnerability affects the following TwinCAT PLC products: TwinCAT 3.1 Build 4022.4 or prior, TwinCAT 2.11 R3 2259 or prio...

Advantech WebAccess/SCADA

CVSS v3 5.3 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Advantech Equipment: WebAccess/SCADA Vulnerabilities: Path Traversal, SQL Injection AFFECTED PRODUCTS The following versions of WebAccess/SCADA, a SCADA software platform, are affected: WebAccess/SCADA versions prior ...

Rockwell Automation MicroLogix 1100 Denial of Service Vulnerability

Rockwell Automation is a British company that provides industrial automation control and globalized information. the MicroLogix 1100 series is used in food, agriculture and water and wastewater systems, among others. A denial of service vulnerability exists in Rockwell Automation MicroLogix 1100...

Honeywell XL Web II Controller Vulnerabilities

OVERVIEW Independent researcher Maxim Rupp has identified vulnerabilities in Honeywell’s XL Web II controller application. Honeywell has produced a new version to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCTS The following XL Web II controlle...

Rockwell Automation MicroLogix 1100 and 1400 Denial of Service Vulnerability

Rockwell Automation is a British company that provides industrial automation control and globalized information. the MicroLogix 1100 and 1400 series products are used in food, agriculture, and water and wastewater systems, to name a few. A denial of service vulnerability exists in Rockwell...

ICS-CERT Report Grim Reminder of State of Critical Infrastructure Security

U.S. critical infrastructure got another reminder this week that it needs to do more to protect itself from cyber attacks with the release of an annual government report. The NCCIC/ICS-CERT FY 2015 Annual Vulnerability Coordination Report points out that nagging issues continue to plague industri...

Open Automation Software OPC Systems NET DLL Hijacking Vulnerability

OVERVIEW Ivan Sanchez from Nullcode Team has identified a DLL Hijacking vulnerability in Open Automation Software’s OPC Systems.NET application. Open Automation Software has reviewed the vulnerability and determined not to patch the issue at this time. This vulnerability could be exploited remote...

Executive Agencies Pass on New Cybersecurity Regulations

Three Executive Branch federal agencies crucial to critical infrastructure protection will be allowed to continue to voluntarily assess cyber risk, rather than force the development and implementation of additional regulations. The White House yesterday released its conclusions as they relate to...