The Importance of Vibration Monitoring Systems

After my previous blog post on the NERC-CIP Plant Tour, colleagues asked questions about the systems mentioned. One of the questions that took some time to answer, and required a lot of explanation, was regarding vibration monitoring systems, specifically the Bently...

Major ICS Vulnerability Dropped Friday

<< Note – I edited one paragraph after further thought and uncertainty of the exact time this was released. My change log says Friday, the date says Thursday. Apologies if the Friday comments are in error, but this is a big impact vuln that is being...

Friday News & Notes

The S4 call for papers announcement and submission page will come out on Monday — sorry for the delay. You will have two months to submit, but early submittal improves your chances. Speaking of conferences, next week in Las Vegas is BlackHat, BSides and Defcon....

Yet Another Series of Backdoors

A few months ago I was lucky enough to do a lab assessment demoing a secure control system network. One component of the lab network got my attention a bit: an embedded Network Time server that gets its time from GPS. Its sole function in life is to get time via...

Tridium Fails and ICS-CERT Flails

The Billy Rios / Terry McCorkle article about the vulnerability handling of Tridium and ICS-CERT is a must read. I started to pull quotes from it and found I wanted to include almost everything. It’s clear that Tridium was unresponsive not only to Rios/McCorkle...

Friday News & Notes

Bob O’Harrow of the Washington Post continued his cybersecurity series, this time focusing on vulnerabilities in Honeywell’s Tridium that is used in a large number of building management systems, including many directly connected to the Internet....

Industrial Espionage, a’la AutoCAD

A story that broke around June 22nd, and that most of us in the ICS world missed, was the discovery of a virus targeting engineering drawings. Its name is ACAD/Medre.A, and it is specifically designed to snarf up AutoCAD files, and email them to (supposedly)...

Analysis of EMET Effectiveness

If you are interested in the effectiveness of Microsoft’s free Enhanced Mitigation Experience Toolkit (EMET), read Gal Badashi at the Security Bits blog post Tweaking Metasploit Modules to Bypass EMET – Part 1. He takes a released Metasploit exploit and...

Friday News & Notes

Sorry for the absence last week, but I was at a SCADA Security Summit up the Wilder Kaiser in the Alps. The best kind of summit with only 1/3 of the talk on ICS security, beautiful scenery and Tyrolean food / German beer in the huts. The WikiLeaks story on...

Wurldtech Certifies Schneider To Certify Schneider

Wurldtech recently certified Schneider Electric as a Communication Certifier. It took me a bit to wade through what this really means. Schneider is now authorized to run the Wurldtech Achilles device against Schneider’s own systems, and give their...