IT / OT Security News

Russian state-sponsored hackers have attempted to sabotage Dutch critical infrastructure in attacks this year and last

Lantronix’s XPort device is affected by a critical vulnerability that can be used for takeover and disruption, including in the energy sector.

Frenos, a company specializing in autonomous OT security assessment platforms, has alerted OT (operational technology) security professionals to a major new vulnerability discovered in 2025.

Countries around the world are preparing for greater digital conflict as increasing global tensions.

As a continuation of its earlier research report, Resecurity released new threat intelligence research highlighting threat actors targeting energy installations in North America, Asia, and the European Union, including nuclear facilities and related research entities.

Despite their hacktivist front, CyberAv3ngers is a rare state-sponsored hacker group bent on putting industrial infrastructure at risk—and has already caused global disruption.

City officials have disabled crosswalk voice announcement features, for now.

In a secret meeting between Chinese and US officials, the former confirmed conducting cyberattacks on US infrastructure.

Industrial giants Siemens, Rockwell, Schneider and ABB have released their March 2025 Patch Tuesday ICS security advisories.

Microsoft’s offensive security team warned Canon about a critical code execution vulnerability in printer drivers.

Analysis found that 99% of healthcare organizations are vulnerable to publicly available exploits.

Forescout has found dozens of vulnerabilities in solar power systems from Sungrow, Growatt and SMA.

A sophisticated Linux-based backdoor dubbed “OrpaCrab” has emerged as a significant threat to operational technology (OT) systems.

Production line monitoring cameras made by Inaba can be hacked for surveillance and sabotage, but they remain unpatched.

Researchers at QiAnXin XLab have uncovered a sophisticated Linux-based backdoor dubbed OrpaCrab

Threats themselves change very little, but the tactics used are continually revised to maximize the criminals’ return on investment and effort.

ICS/OT security firm Dragos on Wednesday published a case study describing an intrusion attributed to the notorious Chinese threat actor Volt Typhoon into the US electric grid.

Cyber-physical systems security company TXOne Networks has published its 2024 Annual OT/ICS Cybersecurity Report.

In this article, our team details how Akira was able to compromise an unsecured webcam in order to circumvent an Endpoint Detection and Response (EDR) tool and deploy ransomware.

The SANS Institute and OPSWAT on Tuesday published the 2025 ICS/OT Cybersecurity Budget Report.

Direct attacks on critical infrastructure get a lot of attention, but the bigger danger often lies in something less visible: The poor cybersecurity practices of the businesses that keep these systems running.

Cybersecurity company Nozomi Networks has released its latest OT and IoT security report, OT/IoT Cybersecurity Trends and Insights, February 2025.

Industrial cybersecurity company Dragos on Tuesday published its 2025 OT/ICS Cybersecurity Report, which provides insights on the threat activity and trends observed last year.

A subgroup of the Russia-linked Seashell Blizzard is tasked with broad initial access operations to sustain long-term persistence.

Traditionally, chief information security officers (CISOs) concentrated on protecting digital data, corporate networks and IT environments. Meanwhile, operational technology (OT) systems — found in critical sectors such as manufacturing, energy and transportation — operated in isolation, prioritizing stability and continuity over cybersecurity.

The Contec CMS8000 patient monitors do not contain a malicious backdoor but are plagued by an insecure and vulnerable design.

The US Cybersecurity and Infrastructure Security Agency (CISA) is warning that Contec CMS8000 devices, a widely used healthcare patient monitoring device, include a backdoor that quietly sends patient data to a remote IP address and downloads and executes files on the device.

Industrial automation protocols continue to be the most targeted in OT attacks, but building automation systems have been increasingly targeted.

Why does ICS/OT need specific controls and its own cybersecurity budget today? Because treating ICS/OT security with an IT security playbook isn't just ineffective—it's high risk.

Schneider Electric, Siemens, CISA, and Phoenix Contact have released January 2025 Patch Tuesday ICS security advisories.

CISA and other Western security agencies have shared guidance for OT owners and operators when procuring products.

As we enter 2025, the frequency and sophistication of cyberattacks on critical national infrastructure (CNI) in the US are rising at an alarming rate.

Manufacturers are increasingly vulnerable to attacks amid a lack of specialized employee training and poor infrastructure, experts say.