Industrial Control Systems

69dafe8b58066478aea48f3d0f384820

NSA Wary of Potential Hacktivist Threat to Power Grid

February 21, 2012 Added by:Headlines

"Grid officials said their systems face regular attacks, and they devote tremendous resources to repelling invaders, whether from Anonymous or some other source. The industry is engaged and stepping up widely to respond to emerging cyber threats..."

Comments  (5)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: 7Technologies TERMIS DLL Hijacking

February 21, 2012 Added by:Infosec Island Admin

The 7T TERMIS software is vulnerable to DLL Hijacking. An attacker may place a malicious DLL in a directory where it will be loaded before the valid DLL. This vulnerability may allow execution of arbitrary code and may be exploitable from a remote machine...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Cybersecurity Act of 2012 - Cybersecurity Collides with Risk

February 19, 2012 Added by:Rafal Los

This is just a chance to create some new regulatory-agency office, hire a bunch of new auditors, attorneys, experts, and waste more time rather than actually making critical infrastructure more risk-averse...

Comments  (0)

759c37c6aff04cd46262f93652b5fad5

Smart Meter Security Testing

February 15, 2012 Added by:Spencer McIntyre

While reviewing the communication used by a couple of smart meters, it was found that the user did not have to properly authenticate himself to read certain pieces of data and that some data could be written to the device without the use of a proper C12.18 Security Request...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: Koyo Ecom100 Brute Force Cracking Tool

February 15, 2012 Added by:Headlines

A brute force password cracking tool has been released that targets the weak authentication vulnerability in the Koyo ECOM100 Ethernet Module. This tool may greatly reduce the time and skill level required to attack a vulnerable system...

Comments  (0)

201d6e4b7cd0350a1a9ef6e856e28341

What's More Important - Vulnerabilities or Actual Incidents?

February 13, 2012 Added by:Joe Weiss

To at least some of us in the control systems community these vulnerabilities are not unexpected. The fact that many of these systems are also connected to the Internet as Eireann Leverett demonstrated is also not new, even though the numbers of control system connected to the Internet are striking.

Comments  (0)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: Invensys Wonderware HMI XSS Vulnerabilities

February 09, 2012 Added by:Headlines

Researchers Billy Rios and Terry McCorkle have identified cross-site scripting (XSS) and write access violation vulnerabilities in the Invensys Wonderware HMI reports product that could result in data leakage, denial of service, or remote code execution...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: Punzenberger COPA-DATA HMI Vulnerabilities

February 08, 2012 Added by:Headlines

Researcher Kuang-Chun Hung has identified multiple denial-of-service (DoS) vulnerabilities in the Ing. Punzenberger COPA-DATA GmbH zenon human-machine interface (HMI) system which may allow an attacker to execute a DoS attack and potentially execute arbitrary code...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Stuxnet: Are We Safe Now? Of Course Not...

January 31, 2012 Added by:Plagiarist Paganini

We are fighting with an invisible enemy. We are under attack, and we have no idea of the potentiality of agents that theatrically could remain in stealth mode inside the target, avoiding security systems for several years, gathering information and preparing the final attack...

Comments  (0)

94ae16c30d35ee7345f3235dfb11113c

10,358 Industrial Control Systems Connected to the Internet

January 27, 2012 Added by:Joel Harding

Hackers rely upon human error to allow them to penetrate many systems because systems administrators fail to secure their systems. Many of the owners of the systems were not even aware their system was hooked up to the internet. This should be cause for alarm...

Comments  (1)

E313765e3bec84b2852c1c758f7244b6

Snort and SCADA Protocol Checks

January 25, 2012 Added by:Brent Huston

There are a wide variety of open source tools that can be leveraged around Snort, making it a powerful approach to visibility. Having people in the industry who know how the systems Snort work allows for better development of signatures for nefarious issues...

Comments  (0)

5cbe1364caf51f95cac6484a832d66d0

Curran-Gardner: A Smoking Gun, But Where's the Body?

January 25, 2012 Added by:Bob Radvanovsky

Curran-Gardner: A contractor for a control systems outsourcing company had accessed one of his customer's systems from a foreign country, only to be confused with a foreign-national actor with malicious intent, but one question still remains: What really happened to the pump?

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Cyberwar Comes to a Mall in Fresno? Not so Much...

January 24, 2012 Added by:Infosec Island Admin

A Pastebin dump alleged to be from Anonymous has forty-nine IP addresses with SCADA systems on them. Furthermore, those systems were claimed to not have any authentication on them whatsoever. I checked the IP’s and I have to say “meh” on this little dump by the skiddies...

Comments  (5)

94ae16c30d35ee7345f3235dfb11113c

Maritime Cybersecurity Low to Non-Existent

January 24, 2012 Added by:Joel Harding

Instead of buying a ship for the relatively cheap price of $15 million, one could simply take control of the ship remotely and guide it into a target from thousand of miles away. Imagine the boom that 135 million cubic yards of natural gas could make if an LNG ship were run aground...

Comments  (12)

5cbe1364caf51f95cac6484a832d66d0

More Exposure to SCADA Devices Through Shodan

January 22, 2012 Added by:Bob Radvanovsky

Wile I am certain that the majority of this membership knows what Shodan is, honestly, it represents slightly more than an automated port scanner reporting back on some of the more common open ports (HTTP, SNMP, telnet) that appear to be pingable throughout the Internet...

Comments  (3)

Page « < 8 - 9 - 10 - 11 - 12 > »