SCADA
Ask The Experts: Important SCADA Security Tips
September 16, 2012 Added by:Brent Huston
Utilities have been computerizing their SCADA systems for years now. This has allowed them to save money, time and manpower and has increased their situational awareness and control flexibility. However, industrial control systems are usually not very robust and also very ‘dumb...
Comments (0)
Maine Supreme Court Affirms Smart Meter Opt-Out Program
September 09, 2012 Added by:David Navetta
Maine has been one of the most aggressive states to pursue widespread implementation of smart utility meters for customers throughout the state, but not all utility customers have embraced smart meters despite consumers concerns over privacy issues...
Comments (0)
Utility Breach Prompts Enforcement and Industry-Wide Security Review
September 06, 2012 Added by:David Navetta
Expect an uptick in privacy enforcement by state utility regulators. Utilities across the country are advised to review their information security programs (including vendor management requirements) and breach response processes to address their regulators' concerns...
Comments (0)
ICS-CERT: GarrettCom Magnum Privilege Escalation
September 04, 2012 Added by:Infosec Island Admin
Successful exploitation of this vulnerability could allow escalation of privileges to full administrative access. The privilege escalation could provide the attacker a vector for making changes to settings, or initiating a complete device shutdown causing a denial of service...
Comments (0)
ICS-CERT: Shamoon - DistTrack Malware
August 30, 2012 Added by:Infosec Island Admin
W32.DistTrack, also known as “Shamoon,” is an information-stealing malware that also includes a destructive module. Shamoon renders infected systems useless by overwriting the Master Boot Record (MBR), the partition tables, and most of the files with random data. Once overwritten, the data are not recoverable...
Comments (0)
ICS-CERT: Oil and Natural Gas Pipeline Intrusion Campaign
August 28, 2012 Added by:Infosec Island Admin
ICS-CERT onsite analysis included a search for host-based and network-based indicators to identify additional hosts for further analysis. ICS-CERT hashed files from approximately 1700 machines and compared them to hashes of known malicious files and examined proxy logs to identify any suspicious network activity...
Comments (0)
ICS-CERT: Key Management Errors in RuggedCom’s ROS
August 23, 2012 Added by:Infosec Island Admin
ICS-CERT is aware of a report of hard-coded RSA SSL private key within RuggedCom’s Rugged Operating System (ROS). The vulnerability with proof-of-concept (PoC) exploit code by security researcher Justin W. Clarke can be used to decrypt SSL traffic between an end user and a RuggedCom network device...
Comments (0)
ICS-CERT: Tridium Niagara Vulnerabilities Update
August 17, 2012 Added by:Infosec Island Admin
Independent security researchers have identified multiple vulnerabilities in the Tridium Niagara AX Framework software including directory traversal, weak credential storage, session cookie weaknesses, and predictable session IDs, all of which can be exploited remotely...
Comments (0)
ICS-CERT: Siemens COMOS Privilege Escalation Vulnerability
August 16, 2012 Added by:Infosec Island Admin
Siemens has reported a privilege escalation vulnerability in the Siemens COMOS database application. Authenticated users with read privileges could escalate their privileges by exploiting this vulnerability. Thus, the attacker is able to gain administrator access to the database...
Comments (0)
ICS-CERT: Gauss Information Stealing Malware
August 14, 2012 Added by:Infosec Island Admin
Kaspersky Lab recently released a report on a new information-stealing malware they have named “Gauss" which is designed to collect information and send the data to its command-and-control servers. Gauss was predominantly on systems in the Middle East, but has also been detected on networks in the US...
Comments (0)
ICS-CERT: Siemens Synco OZW Web Server Vulnerability
August 13, 2012 Added by:Infosec Island Admin
Siemens has reported to ICS-CERT that a default password vulnerability exists in the Siemens Synco OZW Web Server device used for building automation systems. Siemens urges their customers to set a secure password on their device’s web interface. This vulnerability could be exploited remotely...
Comments (0)
Smart Grid Security: Getting Better, But Needs Improvement
August 09, 2012 Added by:Brent Huston
There is still room for improvement in the smart grid space: Encryption versus encoding, modern development security, JTAG protection, input validation and the usual application security shortcomings that the web and other platforms are struggling with. Default passwords, crypto keys and configurations still abound...
Comments (0)
ICS-CERT: SpecView Directory Traversal Vulnerability
August 08, 2012 Added by:Infosec Island Admin
ICS-CERT is aware of a public report of a directory traversal vulnerability with proof-of-concept (PoC) exploit code affecting SpecView when a specially crafted request is passed to the web server running on Port 80\TCP. Successful exploitation could result in data leakage...
Comments (0)
ICS-CERT: SIMATIC S7-400 Denial of Service Vulnerabilities
August 07, 2012 Added by:Infosec Island Admin
Siemens has reported DoS vulnerabilities in the SIMATIC S7-400 V6 and SIMATIC S7-400 V5 PN CPU products. When specially crafted packets are received on Ethernet interfaces by the SIMATIC S7-400, the device can default into defect mode. A PLC in defect mode needs to be manually reset to return to normal operation...
Comments (0)
Top Cyber Security Experts Meet for Smart Grid Security Summit
August 07, 2012 Added by:Larry Karisny
From securing Intrusion Prevention Systems (IPS) that now must securely encrypt the new end point of nano sensors chip sets to Intrusion Detection Systems (IDS) that must now be able to view real time event anomalies and business processes, this discussion showed the need for security technology change...
Comments (0)
ICS-CERT: ICONICS GENESIS32 and BizViz Vulnerabilities
August 06, 2012 Added by:Infosec Island Admin
Researchers identified an authentication bypass vulnerability leading to privilege escalation in the ICONICS GENESIS32 and BizViz applications whcih can allow an attacker to bypass normal authentication methods, granting full administrative control over the system...
Comments (0)
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform