Critical vulnerability in Schneider Electric Modicon PLCs can lead to RCE (CVE-2021-22779)
Researchers at Armis discovered an authentication bypass vulnerability (CVE-2021-22779) in Schneider Electric’s Modicon programmable logic controllers (PLCs) that can …
Critical infrastructure cyberattacks signaling the importance of prioritizing security
Armis released new data uncovering the lack of knowledge and general awareness of major cyberattacks on critical infrastructure and an understanding of security hygiene. The …
Making transparency a norm in cybersecurity
The general lack of transparency around cybersecurity continues to be one of the largest factors holding back the combined ability of the public and private sector to truly …
Optiv Security Enterprise IoT Lab helps identify, assess, and mitigate IoT device security challenges
Optiv Security unveiled its Enterprise Internet of Things (IoT) Lab in response to a growing and ever-present pain point for client security leaders – the proliferation of IoT …
Vulnerable TCP/IP stacks open millions of IoT and OT devices to attack
Forescout researchers have discovered 33 vulnerabilities affecting four open source TCP/IP (communications) stacks used in millions of connected devices worldwide. …
OpenDXL Ontology: An open source language for connecting cybersecurity tools
The Open Cybersecurity Alliance (OCA) today announced the availability of OpenDXL Ontology, the first open source language for connecting cybersecurity tools through a common …
CDPwn vulnerabilities open millions of Cisco enterprise devices to attack
If you have Cisco equipment in your enterprise network – and chances are good that you have – you should check immediately which feature the newly revealed CDPwn …
MDhex vulnerabilities open GE Healthcare patient monitoring devices to attackers
Researchers have discovered six critical and high-risk vulnerabilities – collectively dubbed MDhex – affecting a number of patient monitoring devices manufactured …
Insight Partners to acquire Armis at a valuation of $1.1 billion
Armis, the leader in enterprise IoT security, has agreed to be acquired by Insight Partners (Insight), a global software investor respected for its track record of scaling up …
Urgent11 flaws affect more medical, industrial devices than previously thought
When, in late July, Armis researchers revealed the existence of the so-called Urgent11 vulnerabilities in Wind River’s VxWorks real-time operating system, they noted …
200 million enterprise, industrial, and medical devices affected by RCE flaws in VxWorks RTOS
Armis researchers have discovered 11 vulnerabilities (including 6 critical RCE flaws) in Wind River VxWorks, a real-time operating system used by more than two billion devices …
Bleedingbit: Critical vulnerabilities in BLE chips expose millions of access points to attack
Armis today announced the discovery of two critical vulnerabilities in Bluetooth Low Energy (BLE) chips made by Texas Instruments (TI) and used in Cisco, Meraki and Aruba …