Items Tagged with "SCADA"


94ae16c30d35ee7345f3235dfb11113c

10,358 Industrial Control Systems Connected to the Internet

January 27, 2012 Added by:Joel Harding

Hackers rely upon human error to allow them to penetrate many systems because systems administrators fail to secure their systems. Many of the owners of the systems were not even aware their system was hooked up to the internet. This should be cause for alarm...

Comments  (1)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: Open Automation Software OPC Systems.NET Vulnerabilities

January 27, 2012 Added by:Headlines

Researcher Luigi Auriemma publicly reported a malformed packet vulnerability in Open Automation Software’s OPC Systems.NET along with proof-of-concept exploit code. Digital Security Research Group publicly reported the vulnerability in a third-party ActiveX control...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: MICROSYS spol. s r.o. PROMOTIC Vulnerabilities

January 26, 2012 Added by:Headlines

The MICROSYS spol. s r.o. PROMOTIC vulnerabilities include directory traversal, ActiveX heap overflow, and ActiveX stack overflow vulnerabilities. Public exploits are known to target these vulnerabilities which may result in denial of service or data leakage...

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Snort and SCADA Protocol Checks

January 25, 2012 Added by:Brent Huston

There are a wide variety of open source tools that can be leveraged around Snort, making it a powerful approach to visibility. Having people in the industry who know how the systems Snort work allows for better development of signatures for nefarious issues...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: Ocean Data Systems Dream Report Vulnerabilities

January 25, 2012 Added by:Headlines

A XSS vulnerability exists in the Ocean Data Dream Report application due to the lack of server-side validation of query string parameter values. An attacker with a low skill level can create the XSS exploit. A write access violation vulnerability also exists in the application...

Comments  (0)

5cbe1364caf51f95cac6484a832d66d0

Curran-Gardner: A Smoking Gun, But Where's the Body?

January 25, 2012 Added by:Bob Radvanovsky

Curran-Gardner: A contractor for a control systems outsourcing company had accessed one of his customer's systems from a foreign country, only to be confused with a foreign-national actor with malicious intent, but one question still remains: What really happened to the pump?

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Cyberwar Comes to a Mall in Fresno? Not so Much...

January 24, 2012 Added by:Infosec Island Admin

A Pastebin dump alleged to be from Anonymous has forty-nine IP addresses with SCADA systems on them. Furthermore, those systems were claimed to not have any authentication on them whatsoever. I checked the IP’s and I have to say “meh” on this little dump by the skiddies...

Comments  (5)

94ae16c30d35ee7345f3235dfb11113c

Maritime Cybersecurity Low to Non-Existent

January 24, 2012 Added by:Joel Harding

Instead of buying a ship for the relatively cheap price of $15 million, one could simply take control of the ship remotely and guide it into a target from thousand of miles away. Imagine the boom that 135 million cubic yards of natural gas could make if an LNG ship were run aground...

Comments  (12)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: Multiple PLC Zero-Day Vulnerabilities

January 24, 2012 Added by:Headlines

The vulnerabilities purportedly include buffer overflows, backdoors, weak authentication and encryption, and other vulnerabilities that could allow an attacker to take control of the device and interfere or halt the process it controls...

Comments  (0)

5cbe1364caf51f95cac6484a832d66d0

More Exposure to SCADA Devices Through Shodan

January 22, 2012 Added by:Bob Radvanovsky

Wile I am certain that the majority of this membership knows what Shodan is, honestly, it represents slightly more than an automated port scanner reporting back on some of the more common open ports (HTTP, SNMP, telnet) that appear to be pingable throughout the Internet...

Comments  (3)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: Rockwell Automation FactoryTalk Vulnerability

January 21, 2012 Added by:Headlines

Multiple vulnerabilities have been with proof-of-concept exploit code affecting Rockwell Automation FactoryTalk, a SCADA/HMI product. The vulnerability is exploitable by sending specially crafted packets to the server. This report was released by Luigi Auriemma...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: Schneider Quantum Ethernet Module Vulnerability

January 20, 2012 Added by:Headlines

Researcher Rubén Santamarta previously announced hard-coded credentials in the Schneider Electric Quantum Ethernet Module.Exploitation of these vulnerabilities may allow an attacker to gain elevated privileges, load modified firmware, or perform malicious activities on the system...

Comments  (0)

7d55c20d433dd60022642d3ab77b8efb

DSecRG Releases WAGO PLC Zero-day Vulnerabilities

January 20, 2012 Added by:Alexander Polyakov

The DSecRG (ERPScan subdivision) researchers, in support of Project BaseCamp, have published a variety of 0-day vulnerabilities for the 750 series WAGO controller, for Wellintech KingSCADA, for and OPC Systems.NET, to draw the public attention to SCADA vulnerabilities...

Comments  (1)

B64e021126c832bb29ec9fa988155eaf

Hacking PLC SCADA Systems: Easy as Pushing a Button

January 20, 2012 Added by:Dan Dieterle

Metasploit is used for network security and penetration testing. There are automated options that you can use that will try numerous exploits against a system, and give you a remote shell if one works. Taking this technology and adding PLC exploits is truly scary...

Comments  (1)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: General Electric D20ME PLC Vulnerability

January 20, 2012 Added by:Headlines

The GE D20ME PLC vulnerability is exploitable by utilizing TFTP connections to the controller. The report is based on information presented by Reid Wightman during Digital Bond’s SCADA Security Scientific Symposium without coordination with the vendor or ICS-CERT...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Take That Israel! All Your SCADA's Are Belong to Us!

January 20, 2012 Added by:Infosec Island Admin

The SCADA were not in default state for passwords, and in general did not seem to be important systems - like government or large power company hardware. Hell, for that matter, none were even water facilities, which I should think in a desert would be kinda important, no?

Comments  (2)

Page « < 13 - 14 - 15 - 16 - 17 > »