This is so not the kind of thing I want to read on a Monday morning--especially when I'm in a pitched battle with my least favorite winter guest, bronchitis--but this is important. So listen up. If Stuxnet didn't scare you, and Walt's most recent post on bad data didn't, try...
Stuxnet has reminded us yet again that we live in a world that is not necessarily full of friendly people who mean us well. The folks at Byres Security have launched a new service to help us keep abreast of what's going on out there among the troublemakers and how...
Coming down to the end of one of those weeks where I feel like if I have to put one more thing in my brain, it might explode. Between Emerson Exchange and the Stuxnet virus, I've had trouble keeping up.
Stuxnet is arguably the first cyber attack specifically targeting ICS devices. It is a very sophisticated attack that gets around multiple security barriers and utilizes multiple vectors. The Siemens PLC default password was published in public forums in Germany and Russia in 2008.
Finally, something Joe Weiss and I have been talking about, begging for, and even shouting about for several years in this blog has come to pass. I personally am delighted to see Lofty Perch beginning to see the importance of forensics.
We're about to acquire a significant new cybervulnerability. The world's energy utilities are starting to install hundreds of millions of 'smart meters' which contain a remote off switch. Its main purpose is to ensure that customers who default on their payments can be switched remotely to a prepay tariff
According to the Channel Insider blog, Microsoft has released an out-of-band patch (MS10-046) that attempts to repair the .LNK vulnerability that has been used to attack Siemens S7, PCS7 and WinCC-based HMI systems.