Kaspersky Lab
Vulnerability discovered in Siemens protection technology
Kaspersky Lab has identified a vulnerability in Siemens protection technology products as part of a security audit of critical infrastructure. Once it became known, Siemens immediately closed the gap.
The vulnerability was specifically discovered within a 'Siprotec 4' network module from Siemens. This device is widely used in the energy sector to protect power grids from short circuits or critical overloads. According to Kaspersky, attackers could gain limited access to memory information via the CVE-2016-4785 vulnerability.
"Detecting such vulnerabilities is not our main job. However, in the past, we have repeatedly shown that we almost always find something during security assessments," says Sergey Gordeychik, Deputy CTO at Kaspersky Lab. Siemens has confirmed the vulnerability and published a document containing useful instructions on prevention measures and updates.
You might also be interested in
Increasing security risk due to shortage of skilled workers
The number of cyber attacks will continue to increase in the future. The reason: despite the advance of cloud computing, mobile computing and IoT, companies are not increasing the number of their IT security staff sufficiently - according to a study...
read more...Review of the 'Forum Safety & Security'
The new name says it all: because security is also becoming crucial for functional safety in view of increasing networking, WEKA Fachmedien has developed its successful 'Forum Functional Safety' into the 'Forum Safety & Security'.
read more...Kaspersky warns of critical vulnerabilities
Security specialist Kaspersky has analyzed which industrial control systems are accessible via the Internet worldwide. Critical vulnerabilities were identified - at Siemens, Schneider Electric and other automation technology providers.
read more...Safety starts with the design
A generally established 'state of the art' has developed for the design, development and operation of safety control systems. The situation is different when it comes to IT security, where appropriate measures are often defined and implemented on an...
read more...Two sides of the same coin
In the future, safety must ensure both the protection of people and machines as well as the necessary flexibility and availability in the smart factory. This requires a holistic approach to safety and security.
read more...Phishing attack on Telekom data
T-Online passwords circulating on the darknet
Customer data from over a dozen companies is currently being offered on the darknet - including Telekom customers. A random sample of around 90 data records has shown that some of the Telekom customer data is genuine and up-to-date.
read more...Securely transmit new passwords
Forgot your password? No problem: You can either receive a new one by e-mail or answer a security question and receive a password directly. Both methods offer vulnerabilities for hackers. Now there is an alternative.
read more...VDMA publishes 'Industry 4.0 Security' guide
The VDMA has published a practical guide "Industry 4.0 Security". It is intended to enable medium-sized companies to take concrete measures and implement security requirements for their own products, machines and systems.
read more...The 'Forum Safety & Security' in Munich
On July 6 and 7, Munich will be all about safety. As part of the 'Safety & Security Forum', experts will be discussing current issues and solutions relating to machine and plant safety over the two days of the congress.
read more...