#plcs — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #plcs, aggregated by home.social.
-
OT-ISAC flags rising energy sector cyber risk as OT exposure spreads beyond control rooms into distributed assets
The OT Cybersecurity Information Sharing and Analysis Center…
#Energy #accesspathway #BESS #cyberrisk #DERplatforms #Distributedenergy #energycyber #energycybersecurity #energygrid #energysector #engineeringworkstation #EVSE #industrialransomware #OCPP #OTsystems #OT-ISAC #PLCs #RemoteAccess #renewableenergy #RTUs #threatlandscape #vulnerabilities
https://www.europesays.com/2951314/ -
OT-ISAC flags rising energy sector cyber risk as OT exposure spreads beyond control rooms into distributed assets https://www.byteseu.com/1972028/ #AccessPathway #BESS #CyberRisk #DERPlatforms #DistributedEnergy #Energy #EnergyCyber #EnergyCybersecurity #EnergyGrid #EnergySector #EngineeringWorkstation #EVSE #IndustrialRansomware #OCPP #OTSystems #OTISAC #PLCs #RemoteAccess #RenewableEnergy #RTUs #ThreatLandscape #vulnerabilities
-
Industrial systems face structural gap as quantum risks drive urgency for crypto-agility and post-quantum readiness https://www.byteseu.com/1933504/ #AI #Algorithms #claroty #CriticalInfrastructure #Crypto #CryptoAgility #CryptoCurrency #cryptography #CyberResilience #CyberRisks #Dragos #EmbeddedDevices #encryption #IIoT #industrial #IndustrialSystems #Industry40 #NIST #NozomiNetworks #OTEnvironments #PLCs #PostQuantum #QuantumComputer #QuantumComputing #QuantumRisks #SafetySystems
-
CISA and EPA Warn: Internet-Exposed HMIs Pose Serious Cybersecurity Risks to Water Systems https://thecyberexpress.com/exposed-human-machine-interfaces-in-wws/ #CybersecurityRiskstoWater #HumanMachineInterfaces #TheCyberExpressNews #TheCyberExpress #FirewallDaily #CyberNews #SCADA #CISA #PLCs #EPA #WWS
-
@landley @DavittoKun Again: Simplicity on it's own has value!
https://infosec.space/@OS1337/111795968531113076I don't expect OS/1337 to become the major #Desktop OS or even put a significant dent into #Yocto #Linux's marketshare.
But I'd rather want to see it as something that drives #CriticalInfrastructure like #MedicalIT, #PowerGrids and #PLCs instead of cringeworthy #Bloatware like #Windows that is laced with so much #Govware that we can truly say #Microsoft is incompetent...
http://www.youtube.com/watch?v=SGmtP5Lg_t0#t=6m20sIn the end, it may end up like #AlpineLinux but to be fair I want to basically find a sweet spot between #mkroot-level simplicity and most modern distros with some basic quality-of-life additions that one can choose (or not!) to use.
Like a really basic package manager that takes away the hassle of "build it yourself" if one trusts me...
https://github.com/OS-1337/spmOFC that could be self-hosted internally...
-
You know shits about to get super real when #DavidMuir is reporting about it on #ABCWorldNewsTonight
A #PumpStation in #Aliquippa #Pennsylvania was hacked by #IranianHackers simply because they used electronics made in #Israel. Obviously, they were just probing to gain #intel for a future attack against a larger critical infrastructure target. Thankfully, no one was hurt, and the town's water supply isn't tainted. The #hackers even threatened that "Israel-made gear is fair game" pointing to continued aggressions.
Woke up to an advisory from #CISA on #UnitronicPLCs using in Water and Wastewater Systems: Cyber threat actors are targeting #PLCs associated with #WWS facilities, including an identified Unitronics PLC, at a U.S. water facility.
#cyberwar #criticalinfrastructure #IsraelHamaswar #PatchYourSystems
-
CW: research review
R. Ma et al., "Towards Comprehensively Understanding the Run-time Security of Programmable Logic Controllers: A 3-year Empirical Study"¹
Programmable Logic Controllers (PLCs) are the core control devices in Industrial Control Systems (ICSs), which control and monitor the underlying physical plants such as power grids. PLCs were initially designed to work in a trusted industrial network, which however can be brittle once deployed in an Internet-facing (or penetrated) network. Yet, there is a lack of systematic empirical analysis of the run-time security of modern real-world PLCs. To close this gap, we present the first large-scale measurement on 23 off-the-shelf PLCs across 13 leading vendors. We find many common security issues and unexplored implications that should be more carefully addressed in the design and implementation. To sum up, the unsupervised logic applications can cause system resource/privilege abuse, which gives adversaries new means to hijack the control flow of a runtime system remotely (without exploiting memory vulnerabilities); 2) the improper access control mechanisms bring many unauthorized access implications; 3) the proprietary or semi-proprietary protocols are fragile regarding confidentiality and integrity protection of run-time data. We empirically evaluated the corresponding attack vectors on multiple PLCs, which demonstrates that the security implications are severe and broad. Our findings were reported to the related parties responsibly, and 20 bugs have been confirmed with 7 assigned CVEs.