Emerson’s Post

Critical Security Flaw Detected in WAGO Industrial Managed Switch A severe security vulnerability, tagged as CVE-2023-4149, has been identified in the #WAGO Industrial Managed Switch, posing a significant risk to industrial control systems (#ICS) and critical #infrastructure environments. The vulnerability has a CVSS score of 9.8, indicating its critical severity. #Unauthenticated #remote attackers can exploit this vulnerability to inject arbitrary system commands and gain full control over the affected device, executing commands with #root privileges. The vulnerability resides in the web-based management interface of the WAGO Industrial Managed Switch. By exploiting this flaw, an attacker can manipulate user requests to execute arbitrary commands on the device, effectively gaining full control over its operations. The implications of this vulnerability are significant due to the device’s role in industrial control systems, where unauthorized access could lead to catastrophic consequences. If exploited, CVE-2023-4149 could enable an attacker to gain full system control, disrupt operations, steal sensitive data, and potentially cause physical damage to connected equipment. To mitigate the risk associated with CVE-2023-4149, organizations are advised to restrict network access to the WAGO Industrial Managed Switch, avoid connecting the device directly to the public internet, and promptly apply the latest firmware updates provided by WAGO. Advisory: https://lnkd.in/gr6JynEw

Just thinking about OT Security...has anyone had their automation system vendor transfer the data they are collecting for security purposes? What about anyone in OT Security that is implementing power shell scripts that dump security information similar to what an EDR is doing. Are there any OT Security folks implementing a strategy? What about pulling a forensics image of every OT system component and adjacent system in layer 3 and 3.5. Are there any companies that have successfully implemented such a strategy? #siemensenergy #abb #rockwell

The Power of Removable Media Eraser A removable media eraser is a tool or software designed to securely delete data from removable storage devices such as USB flash drives, external hard drives, SD cards, and other similar media. The primary purpose of such software is to ensure that sensitive information stored on these devices cannot be recovered once deleted. Check this out! https://lnkd.in/dWRDfYCk

The frequency of #cyberattacks targeting #CriticalInfrastructureandIndustrialControlSystems (ICS) continues to rise, posing a significant threat to vital operations. To secure Critical Infrastructure environments, it is vital to keep a holistic view and look at every part of the network, both the IT (Information Technology) and OT (Operational Technology) parts, investigate the systems and processes in each zone, analyze the attack vectors and risk, and provide recommended security controls. https://lnkd.in/du8V3c32

🔗 Excited to share our latest blog post on "Towards Zero-Trust 6GC: A Software Defined Perimeter Approach with Dynamic Moving Target Defense Mechanism." Learn about the innovative solution of Software Defined Perimeter as an alternative to VPNs to foster a secure zero-trust milieu within the 6G Core networks. Read the full article here: https://bit.ly/3H4jIWu #networksecurity #6G #SDP #movingtargetdefense

Zero Trust tells us to assume breach, so how do you mitigate the damages once the barbarians are no longer at the gates but inside the walls? Read our new Data Lifecycle Protection blog to learn how Broadcom can help.

👎 Restoring dissimilar hardware is like trying to mix water and oil. Fortunately, we made secure backup and recovery easy for Digital Industries (a partner of Sasol). Here's how: ✅ Resolved compatibility challenges. ✅ Reliably restored data to dissimilar hardware. ✅ Ensured swift migration between virtual and physical systems. ✅ Met stringent compliance standards. Read our case study to find out more ➡️ https://lnkd.in/gQzWWTkP #CyberProtection #DataProtection #Backup

A couple of initial takeaways from Network+: 1. Selecting, running, connecting, testing and otherwise managing cables and connectors is way more important and complicated than I expected. 2. There are loads of ways to compromise information security at Layer 1. Credit: Mike Meyers

Zero Trust tells us to assume breach, so how do you mitigate the damages once the barbarians are no longer at the gates but inside the walls? Read our new Data Lifecycle Protection blog to learn how Broadcom can help.

Zero Trust tells us to assume breach, so how do you mitigate the damages once the barbarians are no longer at the gates but inside the walls? Read our new Data Lifecycle Protection blog to learn how Broadcom can help.