DNP3 Implementation Vulnerability (Update B)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-13-291-01A DNP3 Implementation Vulnerability that was published November 21, 2013, on the NCCIC/ICS-CERT web site. Adam Crain of Automatak and Chris Sistrunk, Sr. Consultant for Mandiant, reported an improper input...

SCADA ICS Bug Expose Critical Infrastructure to Attack

A trio of researchers have uncovered 25 security vulnerabilities in various supervisory control and data acquisition SCADA and industrial control system ICS protocols. The researchers, Adam Crain, Chris Sistrunk, and Adam Todorski–though Todorski has not yet been credited with finding any of the...