All news with #ics tag

ABB FLXeon Devices: Multiple Remote-Access Vulnerabilities

⚠ ABB FLXeon devices are affected by multiple high-severity vulnerabilities, including hard-coded credentials, MD5 password hashing without proper salt, and improper input validation that can enable remote code execution. Combined CVSS v4 scores reach up to 8.7 and successful exploitation could allow remote control, arbitrary code execution, or device crashes. ABB and CISA advise disconnecting Internet-exposed units, applying the latest firmware, enforcing physical access controls, and using secure remote-access methods such as properly configured VPNs.

Critical Infrastructure Hack, Burnout, and Music Discussion

🔐 In episode 439 of Smashing Security, Graham Cluley and guest Annabel Berry examine a reported critical infrastructure hack that allegedly exploited default passwords and featured perpetrators boasting on Telegram. They probe how basic misconfigurations can cascade into major incidents and spotlight the human cost of defending organisations — stress, burnout, and leadership failures. The show pairs this sober analysis with lighter cultural asides, including music and media reflections.