In the latest Neeve Newsletter, CISA warns of 20 ICS security flaws, hackers are actively compromising network devices, and industrial control systems are accessible online. These threats demand urgent action—are your systems secure?

This Week’s Cyber Insights

• 🌍 Control Systems Exposed Online

• 🚨 CISA Warns of 20 ICS Vulnerabilities

• 🛑 Hackers Exploit Palo Alto Firewall Flaw

• 📰 Further Alerts & Insights

🌍 Control Systems Exposed Online

Security researcher Fred Gordy found airfield lighting, medical devices, and industrial systems accessible online.

• Exposed systems include digital traffic signs, bank control interfaces, and university networks.

• Attackers could disrupt critical infrastructure, alter settings, or steal sensitive data.

• Urges organizations to assess their exposure and implement stronger access controls.

🤔 The Bigger Picture:

Many organizations are unaware their control systems are accessible online, creating a massive cybersecurity blind spot. Regular audits, firewalls, and secure authentication are crucial to preventing unauthorized access and potential disasters.

Read the full article

🚨 CISA Warns of 20 ICS Vulnerabilities

CISA issued 20 advisories for ICS flaws affecting Siemens, ORing, mySCADA, and Mitsubishi Electric.

• Siemens products, including SIMATIC, SIPROTEC, and Teamcenter, have vulnerabilities leading to unauthorized access and code execution.

• ORing IAP-420 routers and mySCADA software have critical security gaps, requiring immediate firmware updates.

• CISA urges admins to apply patches, enforce network segmentation, and strengthen authentication measures.

🤔 The Bigger Picture:

Industrial control systems are prime targets for cyberattacks, potentially leading to operational disruptions and safety risks. Organizations must act swiftly to patch vulnerabilities, isolate critical infrastructure, and apply multi-layered security controls.

Read the full article

🛑 Hackers Exploit Palo Alto Firewall Flaw

A critical authentication bypass vulnerability (CVE-2025-0108) in Palo Alto Networks PAN-OS is under active exploitation.

• The flaw allows unauthenticated attackers with network access to invoke PHP scripts, compromising system integrity and confidentiality.

• Palo Alto Networks has released patches for supported versions but will not patch PAN-OS 11.0, which has reached end-of-life (EoL).

• Security researchers at Assetnote published a detailed exploitation write-up upon patch release.

• Exploitation attempts began on February 13, with over 4,400 exposed PAN-OS devices still at risk.

🤔 The Bigger Picture:

The active exploitation of this vulnerability highlights the persistent risks of exposed management interfaces. Organizations using PAN-OS firewalls must immediately patch or upgrade unsupported versions. Additionally, restricting access to firewall management interfaces is critical to mitigating risk. Given the public availability of exploitation details, attacks are expected to escalate in the coming days.

Read the full article

Further Alerts & Insights