1492 matches found
Siemens Says It Will Patch Remote Authentication Holes
After first denying their existence, a Siemens spokesman acknowledged on Thursday that his company was aware of a series of security vulnerabilities in its software that could allow remote attackers to take control of industrial control systems. Siemens issued a statement in response to complaint...
Stuxnet Part II, III and IV
The nation-state sponsored malware arms race is on. Stuxnet may have been the “Shot heard round the world” but we think its likely that 2012 will witness a number of other skirmishes, with malware linked to foreign governments hostile to or allied with U.S. and Western nations infecting and...
Homeland Security Warns SCADA Operators Of Internet-Facing Systems
In the wake of the hack of water and sewer infrastructure operated by a Texas community, the Department of Homeland Security is again warning owners and operators of critical infrastructure to take note of SCADA and industrial control systems that may be accessible from the Internet. DHS’s...
Hacker Claims He Breached Texas Water Plant
A hacker claims to have breached a water utility in Texas and has posted reputed screenshots online to prove it. The water plant targeted by the hacker, who uses the alias “Pr0f”, is in the Harris County city of South Houston. In a post on Pastebin, Pr0f said his actions were in response to what ...
Computerized Prison doors hacked with vulnerabilities used by Stuxnet worm
Computerized Prison doors hacked with vulnerabilities used by Stuxnet worm Security holes in the computer systems of federal prisons in the United States can effectively allow hackers to trigger a jailbreak by remote control. The discovery of the Stuxnet worm has alerted governments around the...
Computerized Prison doors hacked with vulnerabilities used by Stuxnet worm
Computerized Prison doors hacked with vulnerabilities used by Stuxnet worm Security holes in the computer systems of federal prisons in the United States can effectively allow hackers to trigger a jailbreak by remote control. The discovery of the Stuxnet worm has alerted governments around the...
Researchers Warn of Prison Hacks, Opening Cell Doors
Remote hackers springing inmates from their jail cells — it sounds like a plot lifted from an old episode of “24” or “Prison Break.” But authorities are concerned by new research that claims such an attack is feasible. Research presented at the Hacker Halted conference in Miami last month by John...
Researchers Warn of Prison Hacks, Opening Cell Doors
In news that seems like it could be lifted from an old 24 or Prison Break plotline, authorities are concerned by new research that claims hackers could remotely open the cell doors of federal prisons. In addition to staging a jailbreak, hackers could sabotage a prison’s intercom system and...
India Seizes Equipment Linked to Duqu Attack
Officials in India have seized components from a server as part of an investigation into the Duqu Trojan, according to a report. According to Reuters, two workers at Web Werks, a web hosting company based in Mumbai, said the country’s Department of Information Technology took the equipment after...
New Analysis Questions Origins of Duqu Trojan
A new analysis of the recently discovered Duqu Trojan raises questions about the origin of the malware and its links to the earlier Stuxnet worm. The report, from Dell’s SecureWorks Counter Threat Unit CTU, was released Thursday. Analysts at SecureWorks studied the Trojan and found that, although...
7-Technologies IGSS 8 ODBC Server Remote Heap Corruption
Overview ICS-CERT has received a report from independent security researcher Jeremy Brown that a remote heap corruption vulnerability exists in IGSS Interactive Graphical SCADA System Version 8 from 7-Technologies 7T. 7T has verified the vulnerability and has developed a patch. Affected Products...
Virus Experts Warn of Stuxnet Variant "Duqu"
Virus researchers at Symantec Corp. have discovered a variant of the Stuxnet worm, dubbed Duqu, that is designed to steal information about industrial control systems. Symantec said the malware, which has turned up on more than one customers’ network, could be used to gather data for a future...
National Cyber Security Bulletin on Anonymous
National Cyber Security Bulletin on Anonymous DHS has analyzed the likelihood of Anonymous attacking industrial control systems ICS after the hacktivist group showed such intentions earlier this year. "Assessment of Anonymous Threat to Control Systems" that was drafted by the National Cybersecuri...
National Cyber Security Bulletin on Anonymous
National Cyber Security Bulletin on Anonymous DHS has analyzed the likelihood of Anonymous attacking industrial control systems ICS after the hacktivist group showed such intentions earlier this year. "Assessment of Anonymous Threat to Control Systems " that was drafted by the National...
Department of Homeland Security Releases Cyber Security Evaluation Tool (CSET)
Department of Homeland Security Releases Cyber Security Evaluation Tool CSET The Cyber Security Evaluation Tool CSET is a Department of Homeland Security DHS product that assists organizations in protecting their key national cyber assets. It was developed under the direction of the DHS National...
Siemens FactoryLink Multiple ActiveX Vulnerabilities
Overview ICS-CERT originally released Advisory ICSA-11-343-01P on the US-CERT secure portal on December 09, 2011. This web page release was delayed to allow users time to download and install the update. Researcher Kuang-Chun Hung of Taiwan’s Information and Communication Security Technology Cent...
ARC Informatique PcVue HMI/SCADA ActiveX Vulnerabilities
Overview This Advisory is a follow-up to the Alert, “ICS-ALERT-11-271-01 - ARC Informatique PcVue HMI/SCADA ActiveX Vulnerabilities.” ICS-CERT is aware of publicly and privately disclosed reports of four vulnerabilities in ARC Informatique’s PcVue application. These vulnerabilities include:...
Evidence of Infected SCADA Systems Washes Up in Support Forums
While security experts and lawmakers debate the seriousness of cyber threats to critical infrastructure, one security researcher says that evidence that viruses and spyware already have access to industrial control systems is hiding in plain sight: on Web based user support forums. Close to a doz...
Researcher Will Demo Crippling Siemens Attack Using Metasploit
For years, there’s been an argument that the sophistication of industrial control systems is enough to keep script kiddies – or low-skilled hackers – away. Well, so much for that. Researcher Ralph Langer says that he will use a presentation at an upcoming security conference in Washington D.C. to...
Don't Say I Never Told You: Researcher Warned Congress Of Stuxnet Variants 10 Months Ago
Stuxnet may have been super sophisticated cyber weapon deployed by state actors, but future generations of the malware will be available to run of the mill script kiddies, a noted expert on security and industrial control systems has warned in a letter to the U.S. Congress ten months ago. Ralph...