Claroty Archives - Cyber Security Minute

Weaponized PLCs Can Hack Engineering Workstations in Attacks on Industrial Orgs

Issued by: Security Week

PLCs can be a tempting target for threat actors as they can be abused to cause damage and disruption, and to make changes to the processes they control. This is why they are often seen as the ultimate goal of an attacker. However, researchers at industrial cybersecurity firm Claroty wanted to show that PLCs can…

Vulnerabilities

Nagios XI vulnerabilities open enterprise IT infrastructure to attack

Issued by: Help Net Security

Researchers have unearthed 11 vulnerabilities affecting Nagios XI, a widely used enterprise IT infrastructure/network monitoring solution, some of which can be chained to allow remote code execution with root privileges on the underlying system. Attackers are likely to try to exploit vulnerabilities in network management systems like Nagios because their oversee critical network components and…

Vulnerabilities

Newly Disclosed Vulnerability Allows Remote Hacking of Siemens PLCs

Issued by: Security Week

The vulnerability is tracked as CVE-2020-15782 and it has been described as a high-severity memory protection bypass issue that allows an attacker with network access to TCP port 102 to write or read data in protected memory areas. Siemens PLCs can be hacked remotely via new vulnerabilitySiemens says the security hole impacts its SIMATIC S7-1200…

Software Security

Nine Critical Flaws in FactoryTalk Product Pose Serious Risk to Industrial Firms

Issued by: Security Week

The vulnerabilities were discovered by researchers at industrial cybersecurity firm Claroty and they were addressed by the vendor with the release of AssetCentre v11. Previous versions are impacted. FactoryTalk AssetCentre is designed for securing, managing, tracking, versioning and reporting information related to automation assets across an entire facility. The product is used by many industrial…