It is interesting watching the system work from the researcher perspective and see the responses and time line. This was one of the first vulnerabilities that we processed through our vulnerability disclosure policy. Matt identified this in late February and it went...
Brian Krebs at the Washington Post’s Security Fix has more detail on a recent utility hack and some grim predictions for 2007 Microsoft Office. The cyber attack last month against a U.S.-based public utility came wrapped in a Microsoft PowerPoint document...
When we get on our soapbox and stress the importance of identifying and fixing what we believe our widespread implementation vulnerabilities in SCADA devices and applications we frequently hear “everyone knows the SCADA protocols have no security so what is the...
For those coming in late: 9/11 and multiple worms increase cyber security concern for the electric gridNERC representing bulk electric systems decides cyber security standards are requiredAugust 2003 NERC issues temporary Urgent Action Cyber Security Standard 1200...
In an earlier post I gave a preview of Ralph Langner’s paper and DoS tool for OPC implementations. We have a second brilliant OPC paper at S4 from Lluis Mora of Neutralbit in Barcelona, Spain. Lluis’s paper focuses on implementation vulnerabilities...
