Items Tagged with "SCADA"


69dafe8b58066478aea48f3d0f384820

ICS-CERT: Rockwell Automation FactoryTalk Vulnerability

January 21, 2012 Added by:Headlines

Multiple vulnerabilities have been with proof-of-concept exploit code affecting Rockwell Automation FactoryTalk, a SCADA/HMI product. The vulnerability is exploitable by sending specially crafted packets to the server. This report was released by Luigi Auriemma...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: Schneider Quantum Ethernet Module Vulnerability

January 20, 2012 Added by:Headlines

Researcher Rubén Santamarta previously announced hard-coded credentials in the Schneider Electric Quantum Ethernet Module.Exploitation of these vulnerabilities may allow an attacker to gain elevated privileges, load modified firmware, or perform malicious activities on the system...

Comments  (0)

7d55c20d433dd60022642d3ab77b8efb

DSecRG Releases WAGO PLC Zero-day Vulnerabilities

January 20, 2012 Added by:Alexander Polyakov

The DSecRG (ERPScan subdivision) researchers, in support of Project BaseCamp, have published a variety of 0-day vulnerabilities for the 750 series WAGO controller, for Wellintech KingSCADA, for and OPC Systems.NET, to draw the public attention to SCADA vulnerabilities...

Comments  (1)

B64e021126c832bb29ec9fa988155eaf

Hacking PLC SCADA Systems: Easy as Pushing a Button

January 20, 2012 Added by:Dan Dieterle

Metasploit is used for network security and penetration testing. There are automated options that you can use that will try numerous exploits against a system, and give you a remote shell if one works. Taking this technology and adding PLC exploits is truly scary...

Comments  (1)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: General Electric D20ME PLC Vulnerability

January 20, 2012 Added by:Headlines

The GE D20ME PLC vulnerability is exploitable by utilizing TFTP connections to the controller. The report is based on information presented by Reid Wightman during Digital Bond’s SCADA Security Scientific Symposium without coordination with the vendor or ICS-CERT...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Take That Israel! All Your SCADA's Are Belong to Us!

January 20, 2012 Added by:Infosec Island Admin

The SCADA were not in default state for passwords, and in general did not seem to be important systems - like government or large power company hardware. Hell, for that matter, none were even water facilities, which I should think in a desert would be kinda important, no?

Comments  (2)

7fef78c47060974e0b8392e305f0daf0

Israeli and Muslim Hackers Bring Knives to Gun Fight

January 19, 2012 Added by:Infosec Island Admin

There was the dropping of the SCADA passwords recently, and that is more along the lines of doing something. As I wrote recently about cyberwar, the real aegis is to damage infrastructure, supply chain failure, and in the end invade or conduct military operations...

Comments  (2)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: Certec EDV GmbH App DoS Vulnerability

January 19, 2012 Added by:Headlines

Independent researcher Luigi Auriemma has identified a denial of service (DoS) vulnerability in Certec EDV GmbH atvise application. Certec has produced an update that resolves this vulnerability. Mr. Auriemma validated that the update resolves the vulnerability...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: Cogent DataHub Application Vulnerability

January 18, 2012 Added by:Headlines

A cross-site scripting vulnerability exists in the Cogent DataHub application because it lacks server-side validation of query string parameter values. Attacks require that a user visit a URL which injects client-side scripts into the server’s HTTP response...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: 7T IGSS Graphical SCADA System Vulnerability

January 17, 2012 Added by:Headlines

Researcher Kuang-Chun Hung of ICST has identified an unsafe search path vulnerability. Successful exploitation may allow an attacker using social engineering to execute arbitrary code and gain the same privileges as the user that is currently logged into the system...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: Open Automation Software OPC Systems Vulnerability

January 13, 2012 Added by:Headlines

Researcher Luigi Auriemma publicly reported a malformed packet vulnerability in Open Automation Software’s OPC Systems.NET. A malformed packet could be sent remotely to cause a denial of service. Public exploits are known to target this vulnerability...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: 3S Smart Software CoDeSys Vulnerabilities

January 10, 2012 Added by:Headlines

Mr. Auriemma publicly disclosed the five vulnerabilities along with proof-of-concept exploit code, including the vulnerability previously coordinated with ICS-CERT by Celil Unuver, without coordination with 3S Smart Software Solutions, ICS-CERT, or any other coordinating entity...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: Control System Internet Accessibility Advisory

January 09, 2012 Added by:Headlines

The use of readily available and generally free search tools significantly reduces time and resources required to identify Internet facing control systems. In turn, hackers can use these tools to easily identify exposed control systems, posing an increased risk of attack...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Initiative to Protect the Electric Grid from Cyber Threats

January 09, 2012 Added by:Headlines

The project, a White House initiative led by the DOE in partnership with the DHS, will leverage private industry and public sector experts to build on existing cybersecurity strategies to create a more comprehensive and consistent approach to protecting the nation’s energy delivery system...

Comments  (0)

8a958994958cdf24f0dc051edfe29462

Smart-Grid Security Will Force New Ways of Thinking

January 06, 2012 Added by:Larry Karisny

The problem is we can no longer look at IPS and IDS solutions of the past when trying to secure the enormous amount of data now in the grid data. The old way of doing this is just too expensive, too complex, too slow and frankly doesn't get the job done...

Comments  (1)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: Invensys Wonderware InBatch ActiveX Vulnerabilities

January 06, 2012 Added by:Headlines

Three vulnerabilities in Invensys Wonderware InBatch exist in the GUIControls, BatchObjSrv, and BatchSecCtrl ActiveX controls. Exploitation of these vulnerabilities could allow an attacker to execute arbitrary code or cause a denial of service (DoS) on systems with affected versions of Wonderware...

Comments  (0)

Page « < 13 - 14 - 15 - 16 - 17 > »