4 matches found
Project Basecamp Adds Stuxnet-type Attack Module to Metasploit
UPDATE: Project Basecamp, a volunteer effort to expose security holes in industrial control system software, unveiled new modules on Thursday to exploit holes in common programmable logic controllers PLCs. The new exploits, which are being submitted to the Metasploit open platform, include one th...
Bloody Valentine For Critical Infrastructure: EtherNet/IP Exploit Could Crash Devices
Security researchers made good on a promise to release new exploits for programmable logic controllers PLCs. The exploits include one targeting a flaw in the implementation of the EtherNet/IP Industrial Protocol used in many IP-enabled PLCs. The security hole, if left unaddressed, could enable a...
(Not) making the grade
The researchers working on Project Basecamp found significant security issues with programmable logic controller PLC they tested. Some PLCs were too brittle and insecure to even tolerate security scans and probing. The D20 ME PLC by General Electric – a widely deployed industrial system – fared t...
Security audits
A presentation on Project Basecamp was a highlight of the conference. The talk presented the findings of a volunteer-led security audit of leading programmable logic controllers PLCs. The audit found that decrepit hardware, buggy software and pitiful or nonexistent security features make thousand...