PLCScan is a utility that was released by scadastrangelove to help identify PLC devices. It does so by acting as a port scanner to see if two common ports are open and then decides what to do based on the availability of the ports. Documented within The Rack is...
At S4x13, Scadastrangelove (@scadasl) released a offline brute force password cracking script (http://pastebin.com/0G9Q2k6y). Shortly after the script was released the functionality from that script was added into John The Ripper. Documented in The Rack is how John...
I asked Eyal Udassin of C4-Security in Israel to comment on the ICS hack disclosed this week. “The hack isn’t something for the books. It’s of small kibutz named Sa’ar in the northern part of Israel, indeed from a year ago. The operator had a remote access...
Damiano Bolzoni’s of Security Matters presented Detecting 0-Day and Targeted Attacks on ICS with Non-Signature Based IDS. While the quantitative mode of anomaly detection, looking at the quantity of packets, has had some success, qualitative approach has...
There are several seats still available for the upcoming Cyber Security for Power Generation training outside of Chicago. The one-day course is specifically designed for those engineers and IT professionals responsible for securing a power plant DCS and balance...
Fuzzing, as a practice, has been around for a while. Throw garbage at an input to a program and see what falls apart. Analyze the crashes and dumps, and see if any involve commonly exploitable issues, such as buffer overflows, off by one errors, etc. I’ve seen...
A draft of ISA-62443-3-2 is out for comment now. Previously it was called Zones and Conduits, but the latest draft recommends a title change to Security Risk Assessment and System Design. The recommended new title is more accurate for the content. Readers looking for...
Apologies for being late with the Friday News & Notes this week. I spent the end of last week getting some inspiration from people that achieve amazing things through passion and incredibly high standards in unrelated fields. Heise, a major German publisher,...
A lot has been said about the effectiveness of awareness training recently. While Training and awareness are necessary to build a solid foundation, practicing with real tools and hardware elevates your knowledge and hones your craft. As part of my series about...
Earlier this year at the SANS SCADA Security Summit, Michael Assante used his position as program chair to ask various speakers and panels whether People, Process or Technology was the most important issue to address to improve ICS security. The answer he wanted was...
