Blog Posts Tagged with "Programmable Logic Controllers"

201d6e4b7cd0350a1a9ef6e856e28341

Misconceptions about Aurora: Why Isn't More Being Done

April 13, 2012 Added by:Joe Weiss

The 2007 Aurora test at the Idaho National Laboratory demonstrated that if someone can gain access to a controller, the attacker will cause physical damage. As Aurora is a gap in protection of the electric grid, one way to prevent an Aurora attack is by hardware mitigation...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Wago IPC Multiple Vulnerabilities

April 09, 2012 Added by:Infosec Island Admin

Multiple vulnerabilities affecting the WAGO IPC 758-870, which is an embedded Linux programmable logic controller (PLC)could allow an attacker to gain unauthorized access or to make unauthenticated configuration changes, which may include arbitrary code...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: Exploit Tool Releases for ICS Devices Advisory

February 16, 2012 Added by:Headlines

Security researchers and others have released tools exploiting ICS vulnerabilities. These targeted exploits are readily available through various tools and from exploit developers. Multiple threat elements are combining to significantly increase the ICS threat landscape...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Iran Successfully Eradicates Stuxnet Virus Infestation

February 15, 2012 Added by:Headlines

"I would assume that once Iran learned of Stuxnet, then intelligence agencies looked at this method of cyber attack as compromised regardless of how long it has taken Iran to neutralize it. It is a cat and mouse game..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: Koyo Ecom100 Brute Force Cracking Tool

February 15, 2012 Added by:Headlines

A brute force password cracking tool has been released that targets the weak authentication vulnerability in the Koyo ECOM100 Ethernet Module. This tool may greatly reduce the time and skill level required to attack a vulnerable system...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Iran Remains Defiant in Confronting Cyber Attacks

February 14, 2012 Added by:Headlines

"Iranian experts possess adequate knowledge to confront cyber threats. All nuclear facilities in the country are immune from cyber attacks... Many viruses are produced in the world every day... there has been no destructive impact inside the country," said Gholam-Reza Jalali...

Comments  (1)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: Siemens Simatic WinCC Vulnerabilities

January 31, 2012 Added by:Headlines

Successful exploitation of these vulnerabilities could allow an attacker to log on to a vulnerable system as a user or administrator with the ability to execute arbitrary code or obtain full access to files on the system. Publicly available exploits are known...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: Multiple PLC Zero-Day Vulnerabilities

January 24, 2012 Added by:Headlines

The vulnerabilities purportedly include buffer overflows, backdoors, weak authentication and encryption, and other vulnerabilities that could allow an attacker to take control of the device and interfere or halt the process it controls...

Comments  (0)

7d55c20d433dd60022642d3ab77b8efb

DSecRG Releases WAGO PLC Zero-day Vulnerabilities

January 20, 2012 Added by:Alexander Polyakov

The DSecRG (ERPScan subdivision) researchers, in support of Project BaseCamp, have published a variety of 0-day vulnerabilities for the 750 series WAGO controller, for Wellintech KingSCADA, for and OPC Systems.NET, to draw the public attention to SCADA vulnerabilities...

Comments  (1)

B64e021126c832bb29ec9fa988155eaf

Hacking PLC SCADA Systems: Easy as Pushing a Button

January 20, 2012 Added by:Dan Dieterle

Metasploit is used for network security and penetration testing. There are automated options that you can use that will try numerous exploits against a system, and give you a remote shell if one works. Taking this technology and adding PLC exploits is truly scary...

Comments  (1)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: General Electric D20ME PLC Vulnerability

January 20, 2012 Added by:Headlines

The GE D20ME PLC vulnerability is exploitable by utilizing TFTP connections to the controller. The report is based on information presented by Reid Wightman during Digital Bond’s SCADA Security Scientific Symposium without coordination with the vendor or ICS-CERT...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

ICS-CERT Issues New SCADA Vulnerability Advisory

December 14, 2011 Added by:Headlines

Santamarta uncovered multiple hidden accounts with default passwords in the systems that could allow an attacker to remotely access the network, view and modify the module's firmware, execute arbitrary malicious code, or cause a denial of service interruption...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Researcher Traces Stuxnet/Duqu Timeline Back to 2006

December 02, 2011 Added by:Headlines

"May 2006 - Engineers compile code for a component of Stuxnet that will allow them to attack programmable logic controllers, or PLCs, manufactured by Siemens of Germany. Iran's nuclear program uses Siemens PLCs to control the gas centrifuges in its uranium enrichment facilities..."

Comments  (3)

69dafe8b58066478aea48f3d0f384820

Stuxnet II Found in the Wild - Dubbed “Duqu”

October 19, 2011 Added by:Headlines

“Duqu’s purpose is to gather intelligence data and assets from entities such as industrial control system manufacturers in order to more easily conduct a future attack against another third party. The attackers are looking for information such as design documents..."

Comments  (1)

7fef78c47060974e0b8392e305f0daf0

Anonymous, SCADA, Lulz, DHS, and Motivations

October 18, 2011 Added by:Infosec Island Admin

The motivations of DHS have also been called into question by some. This is especially prescient since they take pains to say that the Anonymous movement “most likely” does not have the technical means and motive to really pull of these types of attacks on the infrastructure. So why even bother?

Comments  (0)

8b5e0b54dfecaa052afa016cd32b9837

Logical Fallacies and the SCADA Security Problem

October 14, 2011 Added by:Craig S Wright

What is at stake is the loss of life and property that will result from compromised SCADA systems. Not just PLCs as the opponents of this position like to presuppose, but Windows XP and other systems that act as controllers. You think this does not occur? Well there you are wrong...

Comments  (3)

Page « < 1 - 2 > »