Ruggedcom Backdoor Revealed – Fragile Maybe Not

UPDATE – The vulnerability was found by Justin W. Clarke, an independent security researcher in San Francisco, California. We don’t cover most of the ICS vulnerabilities on this site, but the Ruggedcom Undocumented Backdoor Access is a...

Cool Tools: USB Rubber Duck

A few months back, security researcher Justin Engler (@JustinEngler) introduced me to a neat toy: the USB Rubber Duck. The Duck is a USB thumb-drive lookalike with a secret — the hardware is really a microcontroller with a microSD Card interface.  The...

Friday News & Notes

Lots of action and disagreement on cybersecurity legislation in the US Government. One of the main ICS security partisan divides is around regulation of the privately owned critical infrastructure. This week the White House chimed in: “National Security...

5 Dream Witnesses for a Committee Hearing

Next Tuesday the US House of Representatives Committee on Homeland Security will have a hearing titled: America is Under Cyber Attack: Why Urgent Action is Needed. The panel who will provide testimony and answer questions has not been announced. If it follows typical...

The NERC Vulnerability Assessment, V3 vs V5

I’ve been doing a lot of work that involves the CIP vulnerability assessment process recently, namely while developing the Bandolier R8 Audit Files, and another more comprehensive file set that hasn’t been released yet. This week, I had the opportunity...

Friday News & Notes

The latest Version 5 of the NERC CIP standards is now open for comment through May 21st. Version 5 adds CIP-010: Configuration Management and Vulnerability Assessments and CIP-011: Information Protection to the existing CIP-002 to CIP-009. The NERC presentation on...

Koyo Responds

Koyo/Automation Direct has responded to Basecamp and has made many of the right moves.  Yesterday’s ICSA-12-102-02 pretty much says it all: Koyo has disabled the device’s webserver by default, and they’ve added a lockout feature to password...

The Future of Project Basecamp

First a reminder of the goal: The goal of Project Basecamp is to make the risk of these fragile and insecure devices so apparent and easy to demonstrate that a decade of inaction will end. SCADA and DCS owner/operators will demand a secure and robust PLC, and this...

AppSecDC In Review

While there were some great talks at AppSecDC, the attendance at their Critical Infrastructure track was not very high.  Critical Infrastructure is a new topic area for the AppSec conference this year and it’s unclear if it will survive.  OWASP has a...

Why WAGO in Project Basecamp? Answer: 3S CoDeSys

On Friday I wrote on why the Stuxnet-type exploit module for the Modicon Quantum was important to show just how easy it is to upload rogue ladder logic. The other big news from Reid’s presentation, you can see the slides below, was the introduction of the WAGO...