
The OT & IoT Cybersecurity Feed – October 2020


Hey, I’m SCADAGirl.

I’m a cybersecurity superhero that ensures that OT & IoT networks are safe.

Here is my commentary on the latest headlines in OT & IoT security.


ICS Advisory (ICSA-20-240-01) Red Lion N-Tron 702-W, 702M12-W

SCADAgirl SCADAfence Research – ICS Ethernet switches used in industrial networks, made by manufacturer Red Lion, are exposed to remote command injection. The affected switch models are 702-W and 702M12-W.


Critical Vulnerabilities Expose MoFi Routers to Remote Attacks

SCADAgirl SCADAfence Research – IoT routers made by MoFi Network are affected by remote code execution vulnerabilities. The affected series is MOFI4500, which includes several routers with Wi-Fi and 4G capabilities. Companies using such routers for mobile or remote connectivity should check their devices for updates.


BLURtooth Vulnerability Lets Attackers Defeat Bluetooth Encryption

SCADAgirl SCADAfence Research – The IoT BLURtooth vulnerability exposes new generations of Bluetooth-enabled devices to MITM attacks. Academic researchers have discovered that certain implementations of Bluetooth 4.0 to 5.0 suffer from weak key generation and thus allow MITM attacks to take place.


Netwalker Ransomware Hits Pakistan’s Largest Private Power Utility

SCADAgirl SCADAfence Research – Netwalker ransomware hit the largest private power company in Pakistan. The ransomware caused disruption to billing and online services.


Windows Zerologon PoC Exploits Allow Domain Takeover. Patch This Now!

SCADAgirl SCADAfence Research – A PoC was released for the Zerologon vulnerability, which allows attackers to gain Domain Admin privileges and take over Windows domain environments. The vulnerability, CVE-2020-1472, was patched by Microsoft in the last August update. The vulnerability occurs when an attempt to log in as a domain administrator is made and a spoofed response is sent to the client saying that the login succeeded. It relies on the fact that it is possible to fall back to unencrypted RPC and then to use a security flaw found in the Netlogon AES-CFB8 cryptographic negotiation. Please read the full article for more details and the PoC code.


Ransomware Attack at German Hospital Leads to Death of Patient

SCADAgirl SCADAfence Research – A ransomware attack at a German hospital led to the death of a patient. The attack led to a situation in which emergency care could not be provided at the hospital, and a patient in a life-threatening condition died after being forced to go to a more distant hospital.


ICS Advisory (ICSA-13-011-01)

SCADAgirl SCADAfence Research – Devices running CoDeSys are vulnerable to reading and writing of any files on the device. Devices running CoDeSys also require no authentication by default, which makes attackers able to change the device configuration.


The Windows XP Source Code Was Allegedly Leaked Online

SCADAgirl SCADAfence Research – The Windows XP source code was leaked online and can be downloaded via a torrent. The leaked source code may help attackers find new, as yet unknown vulnerabilities, even in newer Windows operating systems.


Ransomware Hits US-Based Arthur J. Gallagher Insurance Giant

SCADAgirl SCADAfence Research – US-based Arthur J. Gallagher (AJG), a global insurance brokerage and risk management firm, confirmed a ransomware attack that hit its systems.


UHS Hospitals Hit by Reported Country-Wide Ryuk Ransomware Attack

SCADAgirl SCADAfence Research – UHS hospitals hit by reported country-wide Ryuk ransomware attack, shutting down a few of its hospitals.

“After 1min or so of this the computers logged out and shut down. When you try to power back on the computers they automatically just shut down.” “We have no access to anything computer based including old labs, EKGs, or radiology studies. We have no access to our PACS radiology system.”
