Security News

Cybersecurity researchers have discovered critical vulnerabilities in industrial VPN implementations primarily used to provide remote access to operational technology networks that could allow hackers to overwrite data, execute malicious code, and compromise industrial control systems. A new report published by industrial cybersecurity company Claroty demonstrates multiple severe vulnerabilities in enterprise-grade VPN installations, including Secomea GateManager M2M Server, Moxa EDR-G902, and EDR-G903, and HMS Networks eWon's eCatcher VPN client.

Cybersecurity researchers have discovered critical vulnerabilities in industrial VPN implementations primarily used to provide remote access to operational technology networks that could allow hackers to overwrite data, execute malicious code, and compromise industrial control systems. A new report published by industrial cybersecurity company Claroty demonstrates multiple severe vulnerabilities in enterprise-grade VPN installations, including Secomea GateManager M2M Server, Moxa EDR-G902, and EDR-G903, and HMS Networks eWon's eCatcher VPN client.

Source code belonging to tens of companies, including several major organizations, has been leaked online after it was found on unprotected DevOps infrastructure. Kottmann told SecurityWeek that the source code they've made public, much of which appears to be proprietary, mostly comes from improperly configured or exposed DevOps infrastructure.

The U.S. National Security Agency and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency have issued a joint alert urging critical infrastructure operators to take immediate measures to reduce the exposure of operational technology systems to cyberattacks. The NSA and CISA say it's imperative that critical infrastructure asset owners and operators secure industrial control systems and other OT systems due to the high risk of cyberattacks launched by foreign threat actors.

This release further extends IoT and unmanaged device visibility and classification, enabling organizations to monitor for risks and proactively strengthen infrastructure via automated segmentation policy generation and enforcement. Ordr SCE discovers every connected device, maps communications patterns, and assesses risks.

Aviatrix, the cloud network platform, announced the sixth major release of its software designed for enterprises transforming their IT infrastructure to public cloud. "We knew from previous experience that the transit networking services offered by the cloud service providers did not consistently offer both the advanced networking and security controls we needed or the ability to support the multi-cloud network architecture we envisioned. Aviatrix delivered both and their single Terraform provider made it easy to fit Aviatrix software into our 'automate everything' culture and operational processes."

Vendor revenue from sales of IT infrastructure products for cloud environments, including public and private cloud, increased 2.2% in the first quarter of 2020 while investments in traditional, non-cloud, infrastructure plunged 16.3% year over year, according to IDC. Pandemic as the major factor driving infrastructure spending. For the full year, investments in cloud IT infrastructure will surpass spending on non-cloud infrastructure and reach $69.5 billion or 54.2% of the overall IT infrastructure spend.

Nutanix announced new solutions that will allow IT teams to deploy, upgrade and troubleshoot their cloud infrastructure while working from anywhere - whether at home or from a central office location. These solutions will be delivered via Nutanix Foundation Central, Insights and Lifecycle Manager - all of which will be available as part of Nutanix HCI software at no additional cost to customers.

A stored cross-site scripting vulnerability in OSIsoft PI System, a product often present in critical infrastructure facilities, can be exploited for phishing, privilege escalation and other purposes. Researchers at industrial cybersecurity company OTORIO discovered that the PI Web API 2019 component of PI System is affected by a stored XSS vulnerability that allows an attacker with limited privileges on the targeted system to conduct various types of activities.

Belden and its Tripwire and Hirschmann brands announced an extended partnership with Forescout to advance cybersecurity for industrial organizations and critical infrastructure. "Network segmentation will be imperative to meet availability requirements for these real-time, next generation industrial automation networks. Belden and Forescout allow operators to begin segmenting their networks today with existing infrastructure, while also providing a trajectory for additional controls as next generation networks are deployed over time."