Nordex NC2 - Cross-Site Scripting

Nordex NC2 contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. id:...

$10M Is Yours If You Can Get This Guy to Leave Russia

The U.S. government this week put a $10 million bounty on a Russian man who for the past 18 years operated Try2Check, one of the cybercrime undergrounds most trusted services for checking the validity of stolen credit card data. U.S. authorities say 43-year-old Denis Kulkovs card-checking service...

Conti Ransomware Gang Hits German Wind Turbine Giant Nordex

By Deeba Ahmed All of Nordexs internal IT systems were shut down, and remote access to the turbines was disrupted due… This is a post from HackRead.com Read the original post: Conti Ransomware Gang Hits German Wind Turbine Giant Nordex...

Nordex NC2 XSS Vulnerability

OVERVIEW Independent researcher Karn Ganeshen has identified a cross-site scripting vulnerability in Nordex’s NC2 Wind Farm Portal application. Nordex has produced an update to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following Nordex NC2...

Nordex NC2 XSS Vulnerability

OVERVIEW This advisory is a follow-up to the alert titled ICS-ALERT-13-304-01 Nordex NC2 – Cross-Site Scripting Vulnerability that was published October 31, 2013, on the NCCIC/ICS-CERT web site. Independent researcher Darius Freamon identified a cross-site scripting vulnerability in the Nordex...

ICS-CERT Warns of Flaw in Wind Farm Management App

The ICS-CERT is warning users about a reflected cross-site scripting vulnerability in a control interface for a wind-farm control portal manufactured by Nordex. The bug is remotely exploitable and could enable an attacker to run code on a vulnerable machine. The Nordex NC2 is a control portal for...