Find notable cyber news and cases, enriched with sources, timelines, and signals.

CISA April 7 Rockwell Automation/Allen-Bradley PLC mitigation advisory

Advisory/Mitigation
First reported
Last updated
Happening score
H score 32
2 unique sources, 2 articles

Summary

Hide ▲

CISA and authoring agencies issued April 7 mitigation guidance for internet-facing OT assets, warning that US critical infrastructure operators using Rockwell Automation/Allen-Bradley PLCs face ongoing compromise risk. The advisory urges organizations to review TTPs and IOCs for signs of current or historical activity and apply the listed mitigations to reduce exposure.

Related Happenings

CISA-led joint advisory to secure internet-exposed ATG systems

Public Sector Action
H score43 First: 05.06.2026 17:50 Last: 05.06.2026 17:50 Sources 1

About this happening: On **2026-06-05**, **CISA**, the **FBI**, the **NSA**, the **Department of Energy**, and other U.S. partners issued a **joint advisory** telling **critical infrastructure organiza...

CISA automatic tank gauge system mitigations

Advisory/Mitigation
H score20 First: 02.06.2026 15:00 Last: 02.06.2026 15:00 Sources 1

About this happening: **CISA**, **FBI**, **NSA**, and the **Department of Energy** warned that attackers are targeting **internet-exposed automatic tank gauge (ATG) systems** used to monitor fuel and l...

CISA KEV order for Copy Fail on federal Linux devices

Public Sector Action
H score33 First: 08.05.2026 10:45 Last: 08.05.2026 10:45 Sources 1

About this happening: **CISA** added **Copy Fail** to the **Known Exploited Vulnerabilities (KEV) Catalog**, making the Linux flaw a federal remediation priority. The agency ordered **federal agencies*...

CISA releases CI Fortify guidance for critical infrastructure resilience

Public Sector Action
H score29 First: 05.05.2026 15:00 Last: 05.05.2026 15:00 Sources 1

About this happening: CISA released CI Fortify, guidance for critical infrastructure operators across sectors to help keep essential services running during cyberattack or crisis conditions. The framew...

Latest development: 06.05.2026 16:15

CISA launched CI Fortify on Tuesday as a planning framework for critical infrastructure operators in water, energy, transportation and communications to prepare for cyber disruption by disconnecting OT systems from third-party and business networks, maintaining essential services in degraded communications conditions, and recovering compromised systems through backups, component replacement, or a transition to manual operations.

CISA-led zero-trust guide for OT environments

Public Sector Action
H score31 First: 30.04.2026 17:00 Last: 30.04.2026 17:00 Sources 1

About this happening: US government agencies led by **CISA** released **Adapting Zero Trust Principles to Operational Technology**, giving **OT operators** a framework to improve **critical infrastruct...

Timeline

  1. 08.04.2026 11:15 2 articles · 3mo ago

    CISA issues mitigation guidance for internet-facing Rockwell PLC exposure

    Mitigation Patch Update

    CISA issued urgent mitigation guidance for US critical infrastructure operators using internet-facing Rockwell Automation/Allen-Bradley PLCs, warning that attackers were targeting OT assets across government services and facilities, water and wastewater systems, and energy. The advisory described malicious use of Studio 5000 Logix Designer to create an "accepted connection" to targeted PLCs via overseas IP addresses and third-party hosted infrastructure, noted malicious traffic on ports 44818, 2222, 102, 22, and 502, and said port 22 activity involved Dropbear Secure Shell (SSH) software on victim endpoints for remote access; recommended actions included reviewing TTPs and IOCs, using secure gateways and firewalls, checking logs for suspicious traffic, and placing Rockwell Automation controllers in the run position.

    Show sources