2008 Articles

Vulnerable NetDDE Shares Lead To Complete System Compromise

When the NetDDE share vulnerability in Wonderware's InTouch 8.0 HMI was announced by US-CERT, we noticed that most dismissed it as just typical control system weak permissions. The same as commonly seen in OPC DCOM configurations. However, the true impact of a weak...

read more

Lack of Information and Parsing Words

Alan Paller of SANS has been talking about cyber extortion attempts of utility companies for over a year now, and we now have Tom Donahue, a CIA-rep, on the record. "We have information, from multiple regions outside the United States, of cyber intrusions into...

read more

Bravo FERC!

Today FERC approved the NERC/ERO CIP cyber security standards for the electric industry. This was the right decision to avoid derailing progress. What is most impressive are the comments in the press release and final rule. They directed modifications and...

read more

Chaos Computer Club (CCC) SCADA Presentation Report

Ralph Langner, one of the bright lights in the European SCADA Security community, attended the CCC annual meeting in Berlin right before the new year. There was a Hacking SCADA presentation. Begin Ralph's Report The Chaos Computer Club's annual meeting is the place to...

read more

UPCOMING EVENTS

Hack The Capitol Virtual ... Sep 16

Dale will have a discussion with Sameer Reddy and Bob Ackerman on Venture Capital in the ICS Security space.

PAS OPTICS Virtual ... Oct 27-28

Dale will keynote on the ICS Security Market & Integration With Enterprise Solutions.

Applied-Risk Nightwatch 2020 Virtual ... Nov 19

Dale will keynote on Adding Consequence To Your Risk Management Strategy.

Fortinet Secure OT 2020 Virtual ... Nov 23

Dale will keynote on Innovation Through Disruption.

S4x21 ... Jan 26-28 in Miami South Beach

Save the date. Hope for a Covid miracle.

2020 Past Events

OT-ISAC Virtual Keynote

ICSJWG Virtual Meeting

The Future of ICS Security Products (video)