Pierluigi Paganini
August 02, 2017
The US ICS-CERT issued an alert in response to a public report of a vulnerability in the Controller Area Network BUS (CAN BUS). On Friday (28th of July), the Industrial Controls Systems Cyber Emergency Team or ICS-CERT, issued an alert in response to a public report of a vulnerability in the Controller Area Network (CAN), […]
Pierluigi Paganini
October 04, 2016
The US ICS-CERT published its annual vulnerability coordination report for FY 2015 that provided information about security holes reported to the agency. The US ICS-CERT has published its annual vulnerability coordination report for the fiscal year 2015. The report included detailed information about security vulnerabilities reported to the US ICS-CERT in 2015. “ICS-CERT is pleased to announce the release of […]
Pierluigi Paganini
August 24, 2016
The Navis WebAccess application used in the transportation sector worldwide is affected by a high severity SQL injection vulnerability. A software used in the US ports is affected by a high severity SQL Injection vulnerability (CVE-2016-5817). The flaw was discovered by a hacker behind the online moniker âbRpsd,â the expert has discovered the vulnerability in […]
Pierluigi Paganini
August 18, 2015
The ICS-CERT has recently published six security advisories to warn organizations about a number of 0-day flaws in SCADA systems. The ICS-CERT has published six advisories to warn organizations about the presence of Zero-Day Flaws in SCADA Systems. Aditya K. Sood, security researcher at Elastica, has revealed in a talk at the Def Con 2015 conference several vulnerabilities […]
Pierluigi Paganini
June 14, 2015
A German security researcher reported hundreds of wind turbines and solar systems wide open to easy exploits worldwide due to the lack of security by design The German researcher Maxim Rupp has discovered numerous security issues in clean energy systems, including solar lighting and wind turbines. The possible consequence of a cyber attack is the […]
Pierluigi Paganini
April 15, 2015
A recent report published by Dell revealed a 100 percent increase in the number of attacks on industrial control (SCADA) systems. The new Dell Annual Threat Report revealed that the number of attacks against supervisory control and data acquisition (SCADA) systems doubled in 2014 respect the previous year. Unfortunately, the majority of incidents occurred in SCADA systems is […]
Pierluigi Paganini
March 16, 2015
DHS ICS-CERT MONITOR report reveals that most critical infrastructure attacks involve APTs, but organizations lack monitoring capabilities. The DHSâs Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued its new ICS-CERT MONITOR report related to the period September 2014 â February 2015. The ICS-CERT MONITOR report According to the report, the Industrial Control Systems […]
Pierluigi Paganini
January 22, 2015
Narendra Shinde of Qualys Security has identified multiple vulnerabilities in Schneider Electricâs ETG3000 FactoryCast HMI Gateway. ICS-SCADA systems are critical components of for our society, they are often vital system inside critical infrastructure, but we still continue to discover naive vulnerabilities in the software they run. The latest surprising discovery was made by security experts […]
Pierluigi Paganini
January 14, 2015
GE MultiLink managed switches are affected by two vulnerabilities which could be exploited to gain unauthorized access and run DoS attacks on the device. Managed Ethernet switches produced by GEÂ include the hard-coded private SSL key in a number of network devices. The Ethernet switches that present the security hole are designed for use in industrial […]
Pierluigi Paganini
December 12, 2014
The ICS-CERT revealed that the BlackEnergy malware targeted SCADA HMI systems may be exploiting a recently patched flaw in the Siemens SIMATIC WinCC. Security experts at the Industrial Control System Cyber Emergency Response Team (ICS-CERT) Â reported that the BlackEnergy malware was used by threat actors in the wild to compromise HMI (human-machine interface) systems. The […]
Data Breach / November 21, 2024
