IT / OT Security News

Rapid7 has found several serious vulnerabilities affecting over 700 printer models from Brother and other vendors.

Unidentified hackers have breached the systems of a Norwegian dam and opened its water valve at full capacity in an incident this April.

Israeli officials are urging citizens to disconnect internet-connected security cameras, warning that Iran may be exploiting them to gather real-time intelligence and adjust missile targeting.

A new report from Virtual Routes highlights that many critical infrastructure entities across Europe remain ill-prepared to defend against cyber threats.

Cyfirma researchers this week profiled MISSION2025, a Chinese state-sponsored threat group tied to APT41.

It’s time for enterprises to stop treating unmanaged devices as an edge case and start securing them as part of a unified Zero Trust strategy.

Industrial solutions providers Siemens, Schneider Electric and Aveva have released June 2025 Patch Tuesday ICS security advisories.

Bitsight has identified over 40,000 security cameras that can be easily hacked for spying or other types of malicious activity.

Manufacturers are increasingly vulnerable to attacks amid a lack of specialized employee training and poor infrastructure, experts say.

Censys researchers follow some clues and find hundreds of control-room dashboards for US water utilities on the public internet.

Researchers from Forescout have analyzed the prevalence of internet-exposed solar power devices and shared a list of the top vendors and devices.

Manufacturing organizations have been subjected to cyber intrusions from 71% more threat actors in 2024, compared with the previous year

A critical command execution vulnerability has been found by a researcher in Instantel Micromate monitoring units.

New research from Claroty’s Team82 uncovered critical security vulnerabilities in the Allen-Bradley (Rockwell Automation) PowerMonitor 1000

Hackers working for Russian military intelligence targeted Western technology and logistics companies involved in shipping assistance to Ukraine

More than 100 AutomationDirect MB-Gateway devices may be vulnerable to attacks from the internet due to CVE-2025-36535.

Industrial giants Siemens, Schneider Electric and Phoenix Contact have released ICS security advisories on the May 2025 Patch Tuesday.

U.S. energy officials are reassessing the risk posed by Chinese-made devices that play a critical role in renewable energy infrastructure after unexplained communication equipment was found inside some of them, two people familiar with the matter said.

Amid intensifying AI-boosted threats, industrial enterprises can review the following checklists to strengthen cybersecurity, ensure business continuity, and maintain cyber resilience.

Senior government officials have “concerns” about the robustness of cyber defences at small and medium-sized power facilities, notably solar and wind farms...

Following a recent widespread blackout, Spain's cybersecurity agency is investigating the cyber defenses of smaller electricity generators, particularly renewable energy facilities.

Agencies say the attacks leverage basic intrusion techniques, but poor cyber hygiene within critical infrastructure organizations could lead to disruptions and damage.

An Iranian state-sponsored threat group has been attributed to a long-term cyber intrusion aimed at a critical national infrastructure (CNI) in the Middle East that lasted nearly two years.

Nova Scotia Power and Emera are responding to a cybersecurity incident that impacted IT systems and networks.

Aigües de Mataró, a Spanish water supplier responsible for both drinking water and sewage systems, announced on Wednesday that its corporate computer systems and website were hit by a cyberattack.

Russian state-sponsored hackers have attempted to sabotage Dutch critical infrastructure in attacks this year and last

Lantronix’s XPort device is affected by a critical vulnerability that can be used for takeover and disruption, including in the energy sector.

Frenos, a company specializing in autonomous OT security assessment platforms, has alerted OT (operational technology) security professionals to a major new vulnerability discovered in 2025.

Countries around the world are preparing for greater digital conflict as increasing global tensions.

As a continuation of its earlier research report, Resecurity released new threat intelligence research highlighting threat actors targeting energy installations in North America, Asia, and the European Union, including nuclear facilities and related research entities.

Despite their hacktivist front, CyberAv3ngers is a rare state-sponsored hacker group bent on putting industrial infrastructure at risk—and has already caused global disruption.

City officials have disabled crosswalk voice announcement features, for now.

In a secret meeting between Chinese and US officials, the former confirmed conducting cyberattacks on US infrastructure.

Industrial giants Siemens, Rockwell, Schneider and ABB have released their March 2025 Patch Tuesday ICS security advisories.

Microsoft’s offensive security team warned Canon about a critical code execution vulnerability in printer drivers.

Analysis found that 99% of healthcare organizations are vulnerable to publicly available exploits.

Forescout has found dozens of vulnerabilities in solar power systems from Sungrow, Growatt and SMA.

A sophisticated Linux-based backdoor dubbed “OrpaCrab” has emerged as a significant threat to operational technology (OT) systems.

Production line monitoring cameras made by Inaba can be hacked for surveillance and sabotage, but they remain unpatched.

Researchers at QiAnXin XLab have uncovered a sophisticated Linux-based backdoor dubbed OrpaCrab

Threats themselves change very little, but the tactics used are continually revised to maximize the criminals’ return on investment and effort.

ICS/OT security firm Dragos on Wednesday published a case study describing an intrusion attributed to the notorious Chinese threat actor Volt Typhoon into the US electric grid.

Cyber-physical systems security company TXOne Networks has published its 2024 Annual OT/ICS Cybersecurity Report.

In this article, our team details how Akira was able to compromise an unsecured webcam in order to circumvent an Endpoint Detection and Response (EDR) tool and deploy ransomware.

The SANS Institute and OPSWAT on Tuesday published the 2025 ICS/OT Cybersecurity Budget Report.

Direct attacks on critical infrastructure get a lot of attention, but the bigger danger often lies in something less visible: The poor cybersecurity practices of the businesses that keep these systems running.

Cybersecurity company Nozomi Networks has released its latest OT and IoT security report, OT/IoT Cybersecurity Trends and Insights, February 2025.

Industrial cybersecurity company Dragos on Tuesday published its 2025 OT/ICS Cybersecurity Report, which provides insights on the threat activity and trends observed last year.

A subgroup of the Russia-linked Seashell Blizzard is tasked with broad initial access operations to sustain long-term persistence.

Traditionally, chief information security officers (CISOs) concentrated on protecting digital data, corporate networks and IT environments. Meanwhile, operational technology (OT) systems — found in critical sectors such as manufacturing, energy and transportation — operated in isolation, prioritizing stability and continuity over cybersecurity.

The Contec CMS8000 patient monitors do not contain a malicious backdoor but are plagued by an insecure and vulnerable design.

The US Cybersecurity and Infrastructure Security Agency (CISA) is warning that Contec CMS8000 devices, a widely used healthcare patient monitoring device, include a backdoor that quietly sends patient data to a remote IP address and downloads and executes files on the device.

Industrial automation protocols continue to be the most targeted in OT attacks, but building automation systems have been increasingly targeted.

Why does ICS/OT need specific controls and its own cybersecurity budget today? Because treating ICS/OT security with an IT security playbook isn't just ineffective—it's high risk.

Schneider Electric, Siemens, CISA, and Phoenix Contact have released January 2025 Patch Tuesday ICS security advisories.

CISA and other Western security agencies have shared guidance for OT owners and operators when procuring products.

As we enter 2025, the frequency and sophistication of cyberattacks on critical national infrastructure (CNI) in the US are rising at an alarming rate.