WisePlant – A WiseGroup Company

OTC – Vulnerabilities within OT Domain

Vulnerability: it can be one or more weaknesses which can be used by a threat to compromise one or mode cyber-sensitive assets. In this context, vulnerabilities can be procedural, technological, or physical. A few real examples below.

Fortinet Critical CVEs

Fortinet VPN Zero-Day Exploited in Malware Attacks Remains Unpatched

Security experts express alarm as unpatched Fortinet VPN zero-day continues to fuel malicious attacks. Concerns grow over unresolved vulnerabilities posing ...
Fortinet Critical CVEs

CISA says critical Fortinet RCE flaw now exploited in attacks

Stay alert! CISA raises alarm as Fortinet RCE flaw exploits surge. Take immediate action to protect your systems ...
Microsoft Windows ‘Critical Vulnerability’ Warning—You Have 72 Hours To Update Your PC

Microsoft Windows ‘Critical Vulnerability’ Warning—You Have 72 Hours To Update Your PC

Stay protected from the latest high-risk security flaw! Microsoft issues urgent warning for Microsoft Windows users, update your PC within ...
RCE Flaw

CISA: Network switch RCE flaw impacts critical infrastructure

Discover the latest CISA alert on a critical network RCE switch flaw impacting infrastructure security. Learn why immediate action is ...
Rellio UPS

Unpatched Vulnerabilities Expose Riello UPSs to Hacking: Security Firm

Discover how WiseGroup's Security Firm uncovered critical unpatched vulnerabilities in Riello UPSs, posing severe security risks ...
CISA Warns

CISA warns of Windows flaw used in infostealer malware attacks

CISA alerts of critical Windows flaw exploited in infostealer malware attacks, stressing urgent action. WisePlant is here to safeguard your ...
FreeBSD Releases Urgent Patch for High-Severity OpenSSH Vulnerability

FreeBSD Releases Urgent Patch for High-Severity OpenSSH Vulnerability

FreeBSD takes swift action to address critical OpenSSH vulnerability, issuing urgent patch for heightened security ...
0.0.0.0 Day: 18-Year-Old Browser Vulnerability Impacts MacOS and Linux Devices

0.0.0.0 Day: 18-Year-Old Browser Vulnerability Impacts MacOS and Linux Devices

A recently discovered "0.0.0.0 Day" vulnerability that affects major web browsers like Chrome, Firefox, and Safari. This vulnerability could be ...
VMware ESXi hypervisor vulnerability grants full admin privileges

VMware ESXi hypervisor vulnerability grants full admin privileges

Security researchers at Microsoft have discovered a vulnerability in VMware ESXi hypervisors that has been exploited by ransomware operators to ...
ICS malware FrostyGoop takes advantage of Modbus weakness, remains a threat to OT worldwide.

ICS malware FrostyGoop takes advantage of Modbus weakness, remains a threat to OT worldwide.

The malware leverages Modbus TCP communications to target operational technology assets — and can easily be repurposed to compromise other ...
PFFail

PKfail Secure Boot bypass lets attackers install UEFI malware

PKfail, a supply-chain issue, has affected hundreds of UEFI products for over 12 years, leaving nearly 900 devices vulnerable to ...
CISA warns of actively exploited Juniper pre-auth RCE exploit chain

CISA warns of actively exploited Juniper pre-auth RCE exploit chain

In addition, CISA is working with Juniper Networks to develop a patch for the vulnerabilities associated with the exploit chain ...
The State of Knowledge

The State of Knowledge and Risk Management in Industrial Cybersecurity (ISA/IEC-62443-3-2)

The state of knowledge in industrial cybersecurity during the past decade is based on a vast experience. There is a ...
Codesys

Industrial PLCs worldwide impacted by CODESYS V3 RCE flaws

Industrial PLCs around the world are vulnerable to CODESYS V3 RCE flaws, potentially leading to serious security risks. Learn more ...
Cisco Switch Vulnerabilities

Cisco warned customers of a high-severity cisco switch vulnerabilities.

Cisco has recently warned customers of a high-severity vulnerability impacting some of its switch models. This vulnerability could allow attackers ...
CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems

CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems

CISA has issued a warning about critical vulnerabilities in Siemens, GE Digital, and Contec industrial control systems. These flaws could ...
CISA Alert: Veeam Backup

CISA Alert: Veeam Backup and Replication Vulnerabilities Being Exploited in Attacks

CISA has issued an alert warning of active exploitation of vulnerabilities in Veeam Backup and Replication. Organizations should take steps ...
New attacks use Windows security bypass zero-day to drop Qbot malware

New attacks use Windows security bypass zero-day to drop Qbot malware

New phishing attacks use a Windows zero-day vulnerability to drop the Qbot malware without displaying Mark of the Web security ...
Serious Security: Linux Kernel Bugs That Emerged After 15 Years

Serious Security: Linux Kernel Bugs That Emerged After 15 Years

Researchers from cybersecurity company GRIMM recently published an interesting trio of bugs they found in the Linux kernel... ... In ...
The U.S. food supply is not cyber-secure or safe from threats to control systems

The U.S. food supply is not cyber-secure or safe from threats to control systems

The U.S. Food and Drug Administration (FDA) issued the final rule on the Food Safety Modernization Act (FSMA) in November ...