Security News
Siemens has signed an agreement to acquire Cambridge, UK-based UltraSoC Technologies, a provider of instrumentation and analytics solutions that put intelligent monitoring, cybersecurity and functional safety capabilities into the core hardware of system-on-chip. The addition of UltraSoC to Siemens enables a unified data-driven infrastructure that can enhance product quality, safety and cybersecurity, and the creation of a comprehensive solution to help semiconductor industry customers overcome key pain points including manufacturing defects, software and hardware bugs, device early-failure and wear-out, functional safety, and malicious attacks.
Expanding on their long-term partnership, Siemens and IBM announce the availability of a new solution designed to optimize the Service Lifecycle Management of assets by dynamically connecting real-world maintenance activities and asset performance back to design decisions and field modifications. This new solution establishes an end-to-end digital thread between equipment manufacturers and the owner/operators of that equipment by leveraging elements of the Xcelerator portfolio from Siemens Digital Industries Software and IBM Maximo.
Siemens' LOGO! programmable logic controllers are affected by critical vulnerabilities that can be exploited remotely to launch denial-of-service attacks and modify the device's configuration. According to Siemens, the vulnerabilities impact all versions of its LOGO!8 BM devices, which are designed for basic control tasks.
Artificial intelligence company SparkCognition and German industrial giant Siemens have joined forces for an industrial security solution designed for the energy sector. The new solution, named " DeepArmor Industrial, fortified by Siemens," combines SparkCognition's AI-powered cyber defense solution DeepArmor with Siemens' expertise in operational technology security to help organizations protect endpoints and remote assets.
Today, Siemens and industrial AI-firm, SparkCognition, announced a new cybersecurity solution for industrial control system endpoints. According to a joint study conducted by the Ponemon Institute and Siemens that surveyed global energy industry executives, 67% of respondents said industrial control systems are more at risk today from cyberattack than ever before.
Siemens informed customers on Tuesday that some of its low and high voltage power meters are affected by the Wind River VxWorks vulnerabilities dubbed Urgent/11. According to Siemens, its Power Meter 9410 and 9810 series products are affected by ten of the eleven Urgent/11 flaws.
Siemens has released six new advisories for its April 2020 Patch Tuesday updates, including three that inform customers about the impact of the SegmentSmack vulnerability on some of the company's industrial products. Researcher Juha-Matti Tilli discovered in 2018 that the Linux kernel was affected by two vulnerabilities that could be exploited to launch remote denial-of-service attacks by sending specially crafted packets to the targeted system.
A serious vulnerability found in the Profinet industrial communication protocol exposes devices from Siemens, Moxa and possibly other vendors to denial-of-service attacks. The company's researchers have confirmed that the vulnerability impacts products from Siemens and Moxa that use Profinet, but they believe products from other vendors may be affected as well.
Siemens' Patch Tuesday updates for February 2020 address serious denial-of-service vulnerabilities in several of the company's products. Siemens SIMATIC PCS 7, SIMATIC WinCC and SIMATIC NET PC products are affected by a high-severity DoS flaw if encrypted communication is enabled.
Siemens this week addressed several vulnerabilities and warned customers about the security risks associated with the use of ActiveX in industrial products. ActiveX has been known to pose serious security risks and it's currently only supported by Microsoft on Internet Explorer - ActiveX is not supported by other browsers such as Chrome, Safari or Firefox.