๐Ÿท๏ธ industrial-security

5 articles tagged industrial-security.

VoltRuptor: The ICS/SCADA Malware Being Sold on Dark Web Markets That Targets Industrial Infrastructure

A sophisticated ICS and SCADA malware toolkit called VoltRuptor, attributed to a group calling itself the Infrastructure Destruction Squad, is being sold through dark web channels in 2026. The malware supports multiple industrial protocols, includes persistence and anti-forensics capabilities, and is designed explicitly to cause operational disruption in industrial environments. Its availability as a commercial product lowers the barrier to sophisticated OT attacks significantly.

Industrial Routers Under Botnet Attack: Four-Faith and ASUS Vulnerabilities Being Actively Exploited in OT Networks

Two vulnerabilities in widely deployed industrial and commercial routers are being actively exploited by botnets in May 2026. CVE-2024-9643 in Four-Faith F3x36 Industrial Cellular Routers, scoring 9.8 on CVSS, allows full administrative control without authentication. CVE-2018-5999 in ASUS AsusWRT routers, a vulnerability from 2018, has been re-weaponized by the RondoDox botnet as of May 17, 2026. Both vulnerabilities are being used to build botnet infrastructure, and compromised industrial routers in OT environments create paths from the internet directly into production control systems.

Manufacturing Ransomware's 'New Normal': 800 Victims, Data Extortion, and Four Groups Running the Show

Q1 2026 ransomware data confirms manufacturing's sustained crisis: 800+ victims across all sectors, attack volumes holding steady quarter-over-quarter, and a structural shift toward data extortion replacing traditional encryption. Four groups — RansomHub, SafePay, Akira, and Qilin — are running the industrial targeting playbook.

Masjesu: The Commercial IoT Botnet That Sells 290 Gbps DDoS Attacks on Telegram — and Targets Your Factory Floor

Security researchers have exposed Masjesu, a sophisticated IoT botnet sold as a DDoS-for-hire service on Telegram. It targets routers and gateways across ARM, MIPS, and AMD64 architectures — and has begun extorting smart manufacturing operations.

Manufacturing Under Siege: 89 Ransomware Attacks in 30 Days Signal Industry's Most Dangerous Era

Manufacturing has now been the #1 ransomware target for five consecutive years. 89 confirmed attacks in 30 days reveal a structural shift — attackers are going after OT/ICS systems, not just IT infrastructure.

โ† All topics

Ask Sage ๐Ÿค–