#OT #Advisory VDE-2025-020
WAGO: Switches affected by year 2k38 problem
#CVE CVE-2025-1235
https://certvde.com/en/advisories/VDE-2025-020
#CSAF https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-020.json
#OT #Advisory VDE-2025-044
Weidmueller: Industrial ethernet switches are affected by multiple vulnerabilities
#CVE CVE-2025-41651, CVE-2025-41652, CVE-2025-41649, CVE-2025-41650, CVE-2025-41653
https://certvde.com/en/advisories/VDE-2025-044
#CSAF https://weidmueller.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-044.json
#OT #Advisory VDE-2025-041
Weidmueller: ResMa is affected by a Vulnerability for ASP.NET AJAX
Weidmueller product ResMa is affected by ASP.NET AJAX vulnerability.
Weidmueller has released a new firmware for the affected product to fix the vulnerability.
#CVE CVE-2025-3600
https://certvde.com/en/advisories/VDE-2025-041
#CSAF https://weidmueller.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-041.json
https://www.europesays.com/uk/108940/ “Networks are crucial to help you get through” #Health #MentalHealth #MentalHealthAwarenessWeek #OptometryToday #OT #ProfessorEdMallen #UK #UnitedKingdom #UniversityOfBradford #Wellbeing
#OT #Advisory #Update VDE-2023-046
WAGO: Multiple products vulnerable to local file inclusion
An attacker with administrative privileges who can access sensitive files can additionally access them in an unintended, undocumented way.
UPDATE 07.05.2025: The fixed versions have been updated, because the previously mentioned versions are still vulnerable to this issue. More details have been added to the hardware devices. More affected version numbers were added to the firmwares.
#CVE CVE-2023-4089
https://certvde.com/en/advisories/VDE-2023-046
#CSAF https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2023/vde-2023-046.json
Forescout reports rise of state-sponsored hacktivism, as geopolitics rewrites cyber threat landscape https://www.byteseu.com/969179/ #Blackjack #ControlSystems #CriticalInfrastructure #DDoS #Energy #FinancialServices #ForescoutTechnologies #Geopolitics #Government #HandalaGroup #ics #IndianCyberForce #IndustrialControl #logistics #Manufacturing #MilitarySystems #NoName057(16) #OT #telecommunications #Transportation
https://www.europesays.com/2019261/ Verizon Reports Surge in Breaches Tied to Edge Devices #Cybersecurity #Data #DataBreach #DBIR #InformationSecurity #OT #ransomware #verizon #VerizonBusiness
https://www.europesays.com/2010929/ Integrating AI and ML technologies across OT, ICS environments to enhance anomaly detection and operational resilience #AI #AnomalyDetection #Armis #ArtificialIntelligence #ControlSystem #Darktrace #GenerativeAI #ICS #industrial #IndustrialControl #ML #Nvidia #OperationalResilience #OT #ThreatIntelligence #ThreatGEN
We are at #HM25! Visit us, for example, at the Industrial Security Circus in Hall 16, Stand A12 (9) and learn how you can test and improve the security and robustness of your networked industrial plants. In addition, in our #Lernlabor #Cybersicherheit for energy and water supply, we demonstrate how cyberattacks work and how you can protect yourself against them.
More info: www.iosb.fraunhofer.de/hm25
No, the blog wasn't dead! We have written a report on the use of the cloud for critical OT - see the summary here: https://infosec.sintef.no/informasjonssikkerhet/2025/03/skybasert-ot-i-kritisk-infrastruktur-sikkerhetsutfordringer-og-muligheter/ (and a link to the full report) #cloudsec #cybersec #OT
Searching for an #OT #Advisory?
Want it machine readable?
Have a look at our #csaf aggregator https://aggregator.certvde.com for advisories of 35+ OT and #ICS vendors that partner with CERT@VDE.
See https://certvde.com/en/more/csaf/ for a full list of the trusted providers used on the aggregator.
Nice article that shows the differences from classic #Notfallvorsorge (emergency preparedness) in IT.
Somehow different: emergency preparedness in #OT
https://medium.com/@IRTobi/irgendwie-anders-notfallvorsorge-in-der-ot-0a8b4abf7db1
Utility says its equipment may have started a small blaze that erupted during January’s LA firestorm
https://apnews.com/article/california-wildfires-socal-edison-hurst-fire-cause-1204b0bd207a01aa41dc617d6edc0ff2
If you don't remove #technicaldebt it will kill you. This is the #ot version of the #California #Wildfire s
Just what we need, another Russian threat group tampering with critical infrastructure control panels.
#Russia #ThreatIntelligence #Cybersecurity #CriticalInfrastructure #OT #ICS #SCADA #Hackers #Security #NationalSecurity
https://cyble.com/blog/dark-web-activity-new-hacktivist-group-emerges/
https://www.europesays.com/1790285/ Forescout reports growth in US federal business, with 38% rise in DoD sector and NIAP certification for OT solution #america #business #CriticalInfrastructure #Cybersecurity #Forescout #OT #OTCyber #OTCybersecurity #ThreatLandscape #UnitedStates #UnitedStatesOfAmerica #US #USA
#Moxa warns of two flaws in its #routers and security #appliances that enable privilege escalation and remote command execution.
"Moxa addressed privilege escalation and OS command injection #vulnerabilities in cellular routers, secure routers, and network security appliances."
CVE-2024-9138 (CVSS 4.0 score: 8.6)
CVE-2024-9140 (CVSS 4.0 score: 9.3)
#KRITIS #OT #RCE
https://securityaffairs.com/172770/ics-scada/moxa-router-flaws-risks-to-industrial-environmets.html
Claroty is growing and looking to hire a Partner Services Offering Architect who embodies our core values: People First, Customer Obsession, Strive for Excellence, and Integrity. This individual will manage the technical implementation and execution of our partner-focused services program and drive long-term customer value. More info and apply here: https://claroty.com/open-positions/05.B4C
Ahoy infosec.exchange!
After I've been lurking around here for quite a while, I think it's time for an #introduction.
My current Mastodon mode of operation is to randomly stick my head into this collaborative stream of consciousness from time to time, observe whatever floats by quietly and most likely leave without any interaction.
In general, I seek to understand the reality we live in and try to figure out how to improve it. This involves far too many details and unfortunately I tend to engage in all kinds of side quests instead of working on what matters the most.
I've not decided yet how much and what parts of myself I want to disclose around here. So, expect some more lurking. If I post something, it will probably revolve around #automation, #communication, #cybersecurity, #education, #it, #networks, #ot, #privacy or #python.
#OT: If we ever get into sports sponsorship with trackle, we should definitely ask "Wehen Wiesbaden".