Blog Posts Tagged with "SCADA"
ICS-CERT: Shamoon - DistTrack Malware
August 30, 2012 Added by:Infosec Island Admin
W32.DistTrack, also known as “Shamoon,” is an information-stealing malware that also includes a destructive module. Shamoon renders infected systems useless by overwriting the Master Boot Record (MBR), the partition tables, and most of the files with random data. Once overwritten, the data are not recoverable...
Comments (0)
ICS-CERT: Oil and Natural Gas Pipeline Intrusion Campaign
August 28, 2012 Added by:Infosec Island Admin
ICS-CERT onsite analysis included a search for host-based and network-based indicators to identify additional hosts for further analysis. ICS-CERT hashed files from approximately 1700 machines and compared them to hashes of known malicious files and examined proxy logs to identify any suspicious network activity...
Comments (0)
Potential Collateral Damage from an Israeli First Strike on Iran
August 26, 2012 Added by:Richard Stiennon
Carbon whiskers unleashed to disable transformers? Oh yes. Just a few grams got released into the atmosphere and shorted out transformers throughout the Pacific Northwest. I do not like the idea of kilograms of this escaping the target area. It could be decades before power grids are free of this menace...
Comments (1)
ICS-CERT: Tridium Niagara Vulnerabilities Update
August 17, 2012 Added by:Infosec Island Admin
Independent security researchers have identified multiple vulnerabilities in the Tridium Niagara AX Framework software including directory traversal, weak credential storage, session cookie weaknesses, and predictable session IDs, all of which can be exploited remotely...
Comments (0)
ICS-CERT: Siemens COMOS Privilege Escalation Vulnerability
August 16, 2012 Added by:Infosec Island Admin
Siemens has reported a privilege escalation vulnerability in the Siemens COMOS database application. Authenticated users with read privileges could escalate their privileges by exploiting this vulnerability. Thus, the attacker is able to gain administrator access to the database...
Comments (0)
ICS-CERT: Gauss Information Stealing Malware
August 14, 2012 Added by:Infosec Island Admin
Kaspersky Lab recently released a report on a new information-stealing malware they have named “Gauss" which is designed to collect information and send the data to its command-and-control servers. Gauss was predominantly on systems in the Middle East, but has also been detected on networks in the US...
Comments (0)
ICS-CERT: Siemens Synco OZW Web Server Vulnerability
August 13, 2012 Added by:Infosec Island Admin
Siemens has reported to ICS-CERT that a default password vulnerability exists in the Siemens Synco OZW Web Server device used for building automation systems. Siemens urges their customers to set a secure password on their device’s web interface. This vulnerability could be exploited remotely...
Comments (0)
Smart Grid Security: Getting Better, But Needs Improvement
August 09, 2012 Added by:Brent Huston
There is still room for improvement in the smart grid space: Encryption versus encoding, modern development security, JTAG protection, input validation and the usual application security shortcomings that the web and other platforms are struggling with. Default passwords, crypto keys and configurations still abound...
Comments (0)
ICS-CERT: SpecView Directory Traversal Vulnerability
August 08, 2012 Added by:Infosec Island Admin
ICS-CERT is aware of a public report of a directory traversal vulnerability with proof-of-concept (PoC) exploit code affecting SpecView when a specially crafted request is passed to the web server running on Port 80\TCP. Successful exploitation could result in data leakage...
Comments (0)
ICS-CERT: SIMATIC S7-400 Denial of Service Vulnerabilities
August 07, 2012 Added by:Infosec Island Admin
Siemens has reported DoS vulnerabilities in the SIMATIC S7-400 V6 and SIMATIC S7-400 V5 PN CPU products. When specially crafted packets are received on Ethernet interfaces by the SIMATIC S7-400, the device can default into defect mode. A PLC in defect mode needs to be manually reset to return to normal operation...
Comments (0)
Top Cyber Security Experts Meet for Smart Grid Security Summit
August 07, 2012 Added by:Larry Karisny
From securing Intrusion Prevention Systems (IPS) that now must securely encrypt the new end point of nano sensors chip sets to Intrusion Detection Systems (IDS) that must now be able to view real time event anomalies and business processes, this discussion showed the need for security technology change...
Comments (0)
ICS-CERT: ICONICS GENESIS32 and BizViz Vulnerabilities
August 06, 2012 Added by:Infosec Island Admin
Researchers identified an authentication bypass vulnerability leading to privilege escalation in the ICONICS GENESIS32 and BizViz applications whcih can allow an attacker to bypass normal authentication methods, granting full administrative control over the system...
Comments (0)
ICS-CERT: Sielco Sistemi Winlog Buffer Overflow Vulnerability
August 03, 2012 Added by:Infosec Island Admin
Researchers Carlos Mario Penagos Hollmann of IOActive, Michael Messner, and Luigi Auriemma have separately identified multiple vulnerabilities in Sielco Sistemi’s Winlog application. These vulnerabilities can be remotely exploited. Exploit code is publicly available for these vulnerabilities...
Comments (0)
ICS-CERT: Kessler-Ellis Products Exploit POC
August 02, 2012 Added by:Infosec Island Admin
ICS-CERT has notified the affected vendor of the report and has asked the vendor to confirm the vulnerability and identify mitigations. ICS-CERT is issuing this alert to provide early notice of the report and identify baseline mitigations for reducing risks to these and other cybersecurity attacks...
Comments (0)
ICS-CERT: Siemens Simatic Step 7 DLL Vulnerability
July 25, 2012 Added by:Infosec Island Admin
Siemens self-reported a DLL hijacking vulnerability in SIMATIC STEP 7 and SIMATIC PCS 7 software. This vulnerability can be remotely exploited and public exploits are known to target this vulnerability. Siemens has produced a patch that resolves this vulnerability...
Comments (0)
ICS-CERT: Invensys Winderware Intouch 10 DLL Hijack
July 24, 2012 Added by:Infosec Island Admin
Independent researcher Carlos Mario Penagos Hollmann has identified an uncontrolled search path element vulnerability, commonly referred to as a dll hijack, in Invensys’s Wonderware InTouch application. Successfully exploiting this vulnerability could lead to arbitrary code execution...
Comments (0)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)