EUVD-2018-9636

Malware in sbrugna...

EUVD-2018-10702

Malware in sbrugna...

EUVD-2019-2701

Malware in sbrugna...

EUVD-2023-34876

Malicious code in bioql PyPI...

CVE-2024-21866

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product responds back with an error message containing sensitive data if it receives a specific malformed request...

CVE-2013-2796

Schneider Electric Vijeo Citect 7.20 and earlier, CitectSCADA 7.20 and earlier, and PowerLogic SCADA 7.20 and earlier allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service CPU and memory consumption via an XML document containing an...

CVE-2012-4356

Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allow remote attackers to read arbitrary files via port-46824 TCP packets specifying a file-open operation with opcode 0x78 and a .. dot dot in a pathname, followed ...

Iran-Linked IOCONTROL Malware Targets SCADA and Linux-Based IoT Platforms

Iran-affiliated threat actors have been linked to a new custom malware that's geared toward IoT and operational technology OT environments in Israel and the United States. The malware has been codenamed IOCONTROL by OT cybersecurity company Claroty, highlighting its ability to attack IoT and...

The Patching Problem: Best Practices for Maintaining Up-to-Date Systems

"Update ready to be installed." IT teams and business stakeholders are probably familiar with this notification, or something like it. After all, software updates are nothing new: Whenever a vendor makes improvements or includes new capabilities on a previously-released platform, it comes with a...

Zero Day Initiative: A 1H2018 Recap

When the Zero Day Initiative ZDI was formed in 2005, the cyber threat landscape was a bit different from what we see today. Threats were a little less sophisticated, but there was one thing that we saw then that we still see now: the shortage of cybersecurity professionals and researchers. The te...

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of May 22, 2017

For those of you who follow the National Football League NFL, do you remember Super Bowl 47? I wasn’t exactly thrilled about the teams that played since I’m not a 49ers or Ravens fan. What was interesting about the game is that it was halted for over half an hour in the third quarter because of a...

This 'Killer USB' can make your Computer explode

Can Hackers turn a remote computer into a bomb and explode it to kill someone, just like they do in hacker movies? Wait, wait! Before answering that, Let me tell you an interesting story about Killer USB drive: A man walking in the subway stole a USB flash drive from the outer pocket of someone...

Electric Cybersecurity Regulations Have Serial Problem

A class of SCADA vulnerabilities discussed at a recent conference is getting attention not only for the risks they pose to master control systems at electric utilities, but also for illuminating a dangerous gap in important critical infrastructure regulations. Researchers Adam Crain and Chris...

Hunting vulnerabilities in SCADA systems, we are still too vulnerable to cyber attacks

Stuxnet case is considered by security expert the first concrete act of cyber warfare, a malware specifically designed to hit SCADA systems inside nuclear plants in Iran. The event has alerted the international security community on the risks related to the effects of a cyber attack against...

Dozens of SCADA Exploits, Proof-of-concept Code Published

Exploits for scores of vulnerabilities in supervisory control and data acquisition software SCADA were made public on Monday, according to a report by The Register. 34 holes were published on Seclists.org’s Bugtraq mailing list for programs by Siemens, Iconics, 7-Technologies, Datac and Control...