UPDATE: Why Stuxnet-Like Attacks Aren’t Going Away
Ralph Langner is the closest thing to a rock star that you get in the Dockers and pocket-protector world of industrial control systems. The German researcher made headlines in 2010 as among the first...
View ArticleVideo: Expert Proves Stuxnet’s Link To Iran Nuclear Facilities
When Ralph Langner, an independent security researcher, presented his analysis of specialized code used by the Stuxnet worm to an audience of his peers at the S4 Conference in Miami last month, it was...
View Article60 Minutes Weighs Stuxnet’s Legacy
The security community might understand what the Stuxnet worm did. Now the war is over what the worm means - Stuxnet's legacy, if you will. The latest to weigh in on that question is Steve Croft, of...
View ArticleProject Basecamp Adds Stuxnet-type Attack Module to Metasploit
UPDATE: Project Basecamp, a volunteer effort to expose security holes in industrial control system software, unveiled new modules on Thursday to exploit holes in common programmable logic controllers...
View ArticleTough Love Triumphs: SCADA Vendor Koyo Fixes Basecamp Bugs
Industrial control system vendor Koyo moved to fix vulnerabilities in its ECOM brand programmable logic controllers (PLCs) after researchers, in January, revealed that the devices were vulnerable to...
View ArticleBackdoor In Equipment Used For Traffic Control, Railways Called “Huge Risk”
UPDATE: Security researchers are warning about the risk posed by an embarrassing security hole in industrial control software by the firm RuggedCom. A hidden administrative account could give remote...
View ArticleRuggedCom: Dust Hasn’t Cleared From Backdoor Account Revelation
The dust still hasn't cleared from revelations that many of RuggedCom brand networking products contain an easily-exploited back door account, and that it is working on a fix for the problem, according...
View ArticleCERT Warns On Critical Hole In SCADA Software By Italian Firm Progea
The U.S. Department of Homeland Security issued a bulletin on Thursday warning readers about a previously undisclosed, critical vulnerability in Movicon 11, a product used to manage critical...
View ArticleSiemens Patches Stuxnet-Like SCADA Bugs
German industrial control system manufacturer Siemens announced Monday that it had patched holes in some of its products that appear to resemble holes used by the famous Stuxnet worm in 2010. If left...
View ArticleRuggedCom Devices Have Hard-Coded SSL Keys
Siemens subsidiary RuggedCom’s Rugged Operating System (ROS) contains a vulnerability that could give an attacker the ability to decrypt SSL traffic between RuggedCom networking equipment and...
View ArticleSiemens Patches Security Vulnerabilities in ICS Equipment
Industrial control systems manufacturer, Siemens, has released new versions of its SIMATIC S7-1200 CPU family, resolving six security vulnerabilities in that product, and its SIMATIC S7-1200 PLC...
View ArticleSiemens Ruggedcom Addresses BEAST Flaw in WiMax Products
The BEAST attack on some TLS implementations made major news when it was disclosed, showing that attackers could intercept and decrypt SSL-protected sessions in real time, breaking a significant...
View ArticleSiemens Working on Patches for OpenSSL Bugs Under Exploit
OpenSSL vulnerabilities discovered in a number of Siemens industrial control systems are being exploited in the wild. The company has updates available for some, but not all, of the affected products.
View ArticleSiemens Patches Five Vulnerabilities in SIMATIC System
Siemens released an update for two builds of its SIMATIC automation system this week, addressing a quintet of issues, four of which are remotely exploitable.
View ArticleSiemens Patches DoS Vulnerability in SIMATIC S7 PLC
Siemens released an update for its SIMATIC S7-1500 CPU last week, patching a denial of service vulnerability in the programmable logic controller.
View ArticleSiemens Patches Five Vulnerabilities in SIMATIC WinCC for PCS 7
Siemens has patched five vulnerabilities in its SIMATIC PCS 7 system that could result in privilege escalation and give an attacker unauthenticated access to sensitive data.
View ArticleSiemens Patches WinCC Vulnerabilities Likely Being Exploited
Siemens has patched two critical vulnerabilities in the WinCC application in a number of its products; the flaws are likely being exploited, ICS-CERT and Siemens said.
View ArticleSiemens Fixes Web Vulnernability in SIMATIC PLC
Siemens has patched a web vulnerability in its SIMATIC PLC family of products that could have led unsuspecting users to malicious sites
View ArticleSiemens ICS Switches Hit With Buffer Overflow, Authentication Bugs
There are a number of serious vulnerabilities in the Siemens Ruggedcom WIN switches, including a remotely exploitable buffer overflow and a flaw that could allow an attacker to take actions on the...
View ArticlePatched Windows Machines Exposed to Stuxnet LNK Flaw All Along
Microsoft released a new patch for the LNK vulnerability exploited by Stuxnet after it learned original patch from 2010 failed and left Windows machines exposed.
View Article
More Pages to Explore .....