2008 Articles
Vulnerable NetDDE Shares Lead To Complete System Compromise
When the NetDDE share vulnerability in Wonderware's InTouch 8.0 HMI was announced by US-CERT, we noticed that most dismissed it as just typical control system weak permissions. The same as commonly seen in OPC DCOM configurations. However, the true impact of a weak...
Lack of Information and Parsing Words
Alan Paller of SANS has been talking about cyber extortion attempts of utility companies for over a year now, and we now have Tom Donahue, a CIA-rep, on the record. "We have information, from multiple regions outside the United States, of cyber intrusions into...
Bravo FERC!
Today FERC approved the NERC/ERO CIP cyber security standards for the electric industry. This was the right decision to avoid derailing progress. What is most impressive are the comments in the press release and final rule. They directed modifications and...
Chaos Computer Club (CCC) SCADA Presentation Report
Ralph Langner, one of the bright lights in the European SCADA Security community, attended the CCC annual meeting in Berlin right before the new year. There was a Hacking SCADA presentation. Begin Ralph's Report The Chaos Computer Club's annual meeting is the place to...
Article Archive By Year
Article Archive By Category
UPCOMING EVENTS
OTCEP ... 29 - 30 July 2025 in Singapore
One of the best OT Security events in Asia. Dale will be playing cowboy that week and will unfortunately miss it. Most of the rest of the OTCEP panel will be there on stage.
S4x26 ... 23 - 27 February 2026 in Miami South Beach
Save the date for S4x26. For the biggest and most future focused on ICS Security Event ... and likely our last time in Miami South Beach.