Attacks on SCADA, ICS Honeypots Modified Critical Operations

With antiquated gear running the country’s industrial control systems that oversee critical infrastructure, it’s no shock attackers targeting SCADA networks do their fair share of reconnaissance looking for weak spots in that equipment. A researcher decided to put that theory to a practical test...

Week in Security: Scarily Tenacious Rootkits, Stuxnet's Secrets and Cisco Flaws

The news this week revolved around complex and troublesome threats, notably two rootkits, TDL4 and ZeroAccess. Stuxnet reared its head once again as did a new problem with Cisco’s popular videoconferencing software. Read on for the full week in review. In our most popular story of the week, we...

GE Fanuc Proficy Information Portal allows arbitrary file upload and execution

Overview GE Fanuc Proficy Information Portal allows authenticated users to upload arbitrary files. An attacker could upload an executable server-side script e.g., an .asp shell on a Microsoft Internet Information Server platform and execute arbitrary commands with the privileges of the web server...