Vulnerabilities Archives - Industrial Control Systems (ICS) Cybersecurity Conference

Side-Channel Attacks Put Critical Infrastructure at Risk

Industry News — Mon, 05 Nov 2018 13:52:26 +0000

ICS Devices Vulnerable to Side-Channel Attacks: Researcher Shows (Eduard Kovacs – SecurityWeek) Side-channel attacks can pose a serious threat to industrial control systems (ICS), a researcher warned last month at SecurityWeek’s ICS Cyber Security Conference in Atlanta, GA. Demos Andreou, a lead engineer at power management company Eaton, has conducted an analysis of protection devices typically used in the energy sector, specifically in power distribution stations. Side-channel attacks can be used to extract data from a system based on information […]

The post Side-Channel Attacks Put Critical Infrastructure at Risk appeared first on Industrial Control Systems (ICS) Cybersecurity Conference.

Siemens Warns Customers of New Meltdown, Spectre Variants

Industry News — Wed, 18 Jul 2018 01:20:54 +0000

(Eduard Kovacs – SecurityWeek) – Siemens recently updated its security bulletin for the Meltdown and Spectre vulnerabilities to inform customers of the latest variants, specifically the ones known as LazyFP and Spectre 1.1. Several industrial control systems (ICS) vendors published security advisories for the CPU flaws shortly after they were disclosed in early January. Siemens published a bulletin on speculative side-channel vulnerabilities on January 11. In late May, the company updated its bulletin to include information about Variant 3a and […]

The post Siemens Warns Customers of New Meltdown, Spectre Variants appeared first on Industrial Control Systems (ICS) Cybersecurity Conference.

Vulnerabilities Expose Siemens Central Plant Clocks to Attacks

Industry News — Tue, 03 Jul 2018 14:30:26 +0000

(SecurityWeek – Eduard Kovacs) Siemens informed customers on Tuesday that some of its SICLOCK central plant clocks are affected by several vulnerabilities, including ones that have been rated “critical.” Siemens SICLOCK devices are used to synchronize time in industrial plants. The central plant clock ensures stability in case of a failure or loss of reception at the primary time source. According to the German industrial giant, SICLOCK systems are affected by a total of six vulnerabilities. The security holes have […]

The post Vulnerabilities Expose Siemens Central Plant Clocks to Attacks appeared first on Industrial Control Systems (ICS) Cybersecurity Conference.

Siemens Fixes Vulnerabilities in SIMATIC, License Manager Products

Industry News — Mon, 17 Oct 2016 12:57:47 +0000

(SecurityWeek) – Siemens has released software updates to address several vulnerabilities in its SIMATIC and Automation License Manager (ALM) products. According to advisories published last week by both ICS-CERT and Siemens, the ALM, which allows customers to centrally manage licenses for their Siemens products, is affected by three vulnerabilities. The security holes, including one rated high severity and one rated critical, were reported to the vendor by researchers from Kaspersky Lab’s critical infrastructure team. The critical vulnerability, tracked as CVE-2016-8565, […]

The post Siemens Fixes Vulnerabilities in SIMATIC, License Manager Products appeared first on Industrial Control Systems (ICS) Cybersecurity Conference.