Hello Phil,
I've observed that the TI packages are not updated very regularly so far in D4IoT solution (no more than once per month). Compared to other TI it sounds a bit "light" IMO. Even if it mainly focus on OT, where fortunately there are less specific attacks, having an up-to-date TI package is still useful since many OT assets are somehow connected to the IT network.
So I've two questions:
1) what is the policy around TI update (frequency?), and is it going to be improved?
2) in June/July 22 there have been OT vulns discovered (see ref below). Do you know in which TI package version are they available?
Thank you
Best Regards
Jérôme
June: 56 new OT vulnerabilities
https://www.zdnet.com/article/cisa-warns-over-software-flaws-in-industrial-control-systems/
=> 10 vendors, including Honeywell, Emerson, Motorola, Siemens, JTEKT, Bentley Nevada, Phoenix Contact, Omron, and Yogogawa.
=> « The vulnerabilities include remote code execution (RCE); denial-of-service (DoS); file/firmware/configuration manipulation; compromise of credentials; and authentication bypass. »
(July 14, 15, & 18, 2022) Maliciously Crafted Password Crackers Target Industrial Systems
https://www.dragos.com/blog/the-trojan-horse-malware-password-cracking-ecosystem-targeting-industrial-operators/
=> several vendors impacted (including Siemens and Emerson)