A serious vulnerability in Schneider Electric Modicon Controllers was quickly discovered and mitigated, with the help of the eagle-eyed team at industrial cybersecurity firm Radiflow.
SCMagazine.com: Patched bug could have allowed attackers to remotely disconnect PLC devices from ICS systems
The bug was assigned only a medium-severity CVSS score of 4.8, but the implications of exploiting it could have been severe, according to critical infrastructure cybersecurity solutions provider Radiflow, whose CTO Yehonatan Kfir discovered the problem roughly two...
HelpNetSecurity.com: Remotely exploitable flaw in Schneider Electric PLCs is a danger to OT networks
Uncovered by Radiflow CTO Yehonatan Kfir and responsibly disclosed to Schneider Electric over two months ago, the vulnerability affects all versions of Modicon M221 firmware prior to v188.8.131.52 and can be triggered with specially crafted programing protocol frames.
Critical infrastructure security firm Radiflow announced that it had discovered cryptocurrency mining malware in the operational technology network (which does monitoring and control) of a water utility in Europe—the first known instance of mining malware being used...