#ICS #OT crowd: I'm looking for "Production Line Design for Dummies"-type resources. I'm primarily interested in high-level best practices, rules of thumb for making industrial processes work reliably, ELI5 level is sufficient. Let's say I want to build a lemonade factory for my teddy bear!

Any recommendations?

Public awareness of industrial system attacks is finally catching up to what security professionals have known for years.

On The Cybersecurity Defenders Podcast, Justin Searle, Director of ICS Security at InGuardians, traces the shift from Conficker in 2008 taking out OT systems on flat networks to Stuxnet in 2010 making the warfare implications clear.

Since then, awareness among governments and critical infrastructure operators has grown steadily, and so have the attacks.

The full conversation covers a lot of ground:

> Why ICS environments are uniquely difficult to patch and harden
> How penetration testing in OT requires a fundamentally different approach
> Whether smart grid technology expands the attack surface or improves it
> What security professionals need to understand before working in these environments

Listen to the full episode: https://www.youtube.com/watch?v=0QoJR0-gCrE

#cybersecurity #podcast #OT

#ot

Apropos of nothing. Samsun Pide for lunch as a rare treat.

🎙️ On this episode of the Nexus Podcast, Michael Pyle, Director of Product Cybersecurity at Schneider Electric (SE), joins host Mike Mimoso to discuss Internet Exposure Prevention, a new SE approach to preventing illicit connections to internet-facing #OT and #industrial control systems (ICS).

🎧 Tune in to the full episode: https://nexusconnect.io/podcasts/nexus-podcast-michael-pyle-on-securing-internet-facing-ot-ics-assets

📰 Network Gear Surpasses Endpoints as Top Cyber Risk, Forescout Warns

🔄 Risk shift: Network gear like routers & switches are now the #1 riskiest devices, surpassing endpoints, warns Forescout. Attackers are targeting the 'messy middle' of networks for lateral movement. #CyberSecurity #Forescout #IoT #OT

🔗 https://cyber.netsecops.io/articles/network-infrastructure-now-the-top-cyber-risk-forescout-report-warns/?utm_source=mastodon&utm_medium=social&utm_campaign=twitter_auto

Forescout's 2026 'Riskiest Connected Devices' report reveals a major shift in enterprise risk, with network infrastructure now posing a greater threat than traditional endpoints.

#OT #Advisory VDE-2026-018
CODESYS Control V3 - Externally-controlled format string in Auditlog

The CODESYS Control runtime system's CmpAuditLog component allows potentially unauthenticated remote attackers to control the format string of processed log messages. Due to the internal processing logic, the impact is limited to a crash of the CODESYS Control runtime.
#CVE CVE-2026-3509

https://certvde.com/en/advisories/vde-2026-018/

#CSAF https://codesys.csaf-tp.certvde.com/.well-known/csaf/white/2026/advisory2026-03_vde-2026-018.json

#OT #Advisory VDE-2026-011
CODESYS Control V3 - Untrusted boot application

The CODESYS Control runtime system provides a user management mechanism with multiple privilege groups. While only the privileged Administrators and Developer groups are intended to load or debug applications on the controller, users in the restricted Service group are allowed to perform maintenance operations, including explicitly replacing the boot application.
#CVE CVE-2025-41660

https://certvde.com/en/advisories/vde-2026-011/

#CSAF https://codesys.csaf-tp.certvde.com/.well-known/csaf/white/2026/advisory2026-02_vde-2026-011.json

#OT #Advisory VDE-2026-025
Helmholz: Multiple Vulnerabilities in myREX24V2 / myREX24V2.virtual

Multiple vulnerabilities have been discovered in Helmholz myREX24V2 / myREX24V2.virtual that could allow unauthenticated RCE or SQLi.
#CVE CVE-2026-32968, CVE-2026-32969

https://certvde.com/en/advisories/vde-2026-025/

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-025.json

#OT #Advisory VDE-2026-024
MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24 that could allow unauthenticated RCE or SQLi.
#CVE CVE-2026-32968, CVE-2026-32969

https://certvde.com/en/advisories/vde-2026-024/

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-024.json

#OT #Advisory VDE-2026-020
WAGO: Vulnerability in managed switches

A vulnerability has been found affecting the Managed Switches of WAGO. An unauthenticated attacker can fully compromise the device via an undocumented function.
#CVE CVE-2026-3587

https://certvde.com/en/advisories/vde-2026-020/

#CSAF https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-020.json
