Blog Posts Tagged with "Industrial Control Systems"

ICS-CERT: Innominate mGuard Weak HTTPS and SSH Keys

June 19, 2012 Added by:Infosec Island Admin

An independent research group has identified an insufficient entropy vulnerability in Innominate’s mGuard network appliance product line which could allow an attacker to obtain the credentials of administrative users and potentially perform a Man-in-the-Middle (MitM) attack...

Comments  (0)

ICS-CERT: Sielco Sistemi Winlog Buffer Overflow

June 18, 2012 Added by:Infosec Island Admin

ICS-CERT is aware of a public report of a buffer overflow vulnerability with proof-of-concept exploit code affecting Sielco Sistemi Winlog. The vulnerability is exploitable by sending specially crafted requests to TCP/46824 which could result in a denial of service and remote code execution...

Comments  (0)

The Need for Improved Critical Infrastructure Protection

June 13, 2012 Added by:William Mcborrough

Tackling the problem of critical infrastructure protection will take concerted efforts from the public and private sectors. An appropriate governance structure is needed to avoid the inevitable over-reaction that will follow the inevitable catastrophic attack against our critical infrastructure...

Comments  (4)

ICS-CERT: Credential Management

June 13, 2012 Added by:Infosec Island Admin

Credential caching should be disabled on all machines. A common technique employed by attackers is referred to as “pass the hash.” The pass the hash technique uses cached password hashes extracted from a compromised machine to gain access to additional machines on the domain...

Comments  (0)

Cybergate: Stuxnet and Flame are Related

June 11, 2012 Added by:Joel Harding

Contrary to previous reports that Stuxnet and Flame were unrelated, the authors apparently worked together at one point. If this is the case we might begin looking for evidence of more code from Operation Olympic Games floating around. Flame provides a framework for future warfare in cyberspace...

Comments  (0)

ICS-CERT: Siemens WinCC Multiple Vulnerabilities

June 08, 2012 Added by:Infosec Island Admin

Researchers have identified multiple vulnerabilities in the Siemens WinCC application, and Siemens identified an additional vulnerability, that may allow an attacker to gain unauthorized access, read from, or write to files and settings on the target system...

Comments  (0)

The Myth of the CIA and the Trans-Siberian Pipeline Explosion

June 07, 2012 Added by:Jeffrey Carr

If you repeat a rumor often enough, it becomes a fact. Such is the case with the oft-repeated rumor the CIA was responsible for the Trans-Siberian pipeline explosion in 1982 by sabotaging the SCADA system. The latest iteration of that rumor was in the Washington Post's special report on cybersecurity called Zero Day...

Comments  (0)

Post-Stuxnet: Siemens Improves ICS-SCADA Security

June 07, 2012 Added by:Headlines

"The introduction of our new Simatic CP and Scalance products only help to bolster Siemens' industrial security portfolio, but as we stress to our customers, there is no silver bullet to cybersecurity threats. Maintaining security is an ongoing process for plants and enterprises"...

Comments  (0)

sKyWIper-Flame Malware Cryptographic Collision Attack

June 07, 2012 Added by:Infosec Island Admin

The sKyWIper malware uses a new cryptographic collision attack in combination with the terminal server licensing service certificates to sign code as if it came from Microsoft. However, code-signing without performing a collision is also possible. This is an avenue for compromise that may be used by additional attackers...

Comments  (0)

ICS-CERT: Detection and Mitigation Recommendations

June 06, 2012 Added by:Infosec Island Admin

While it might seem reasonable to find and eliminate the intruder on a machine-by-machine basis as compromised hosts are identified, unless the response execution prevents lateral movement of the adversary across the network, the cleanup process will likely not succeed...

Comments  (0)

ICS-CERT: Preserving Forensic Data

June 01, 2012 Added by:Infosec Island Admin

Preserving forensic data is an essential aspect of incident response. The data acquired during the process is critical to containing the intrusion and improving security to defend against the next attack. Network defenders should make note of the following recommendations for retention of essential forensic data...

Comments  (0)

Cyberwar Threats and Critical Infrastructure Vulnerabilities

May 31, 2012 Added by:Headlines

"Targeted attacks are increasing dramatically. It could be state sponsored or it could be just hacktivists or it could be a cyber criminal organisation. But we know the number one target is government institutions and the second is manufacturing, including oil and gas..."

Comments  (0)

ICS-CERT: Emerson DeltaV Multiple Vulnerabilities

May 31, 2012 Added by:Infosec Island Admin

Researchers have identified multiple vulnerabilities in the Emerson DeltaV application which can be exploited by a remote attacker and could allow denial of service, information disclosure, or remote code execution. Emerson has produced a hotfix that mitigates these vulnerabilities...

Comments  (0)

ICS-CERT: RuggedCom Weak Cryptography for Passwords

May 30, 2012 Added by:Infosec Island Admin

A researcher identified a default backdoor user account with a weak password encryption vulnerability in the RuggedCom Rugged Operating System which could allow an attacker to use a simple publicly available script to generate the default password and gain administrative access to the unit...

Comments  (0)

On Air Gaps and Killer Toothbrushes

May 28, 2012 Added by:Chris Blask

Air gaps do not and should not exist. Patching vulnerabilities won't make systems secure. Standards and regulations are here to stay. The threat will surpass our ability to tolerate it long before we can re-engineer and re-deploy every vulnerable system. These are all just facts...

Comments  (2)

ICS-CERT: xArrow Multiple Vulnerabilities

May 25, 2012 Added by:Infosec Island Admin

Security researcher Luigi Auriemma identified and released four security vulnerabilities, along with proof-of-concept code, in the xArrow software application which may cause a denial-of-service condition or allow an attacker to execute arbitrary code...

Comments  (0)
