Blog Posts Tagged with "human-machine interface"
ICS-CERT: Removable Media Flash Drive Attacks
July 10, 2012 Added by:Infosec Island Admin
A shift supervisor was using a portable flash drive for downloading information from an HMI connected to the industrial control systems. Antivirus scanners run on the removable media, the HMI machine, and other systems found the Hamweq virus on the removable media, but the other systems were clean...
Comments (0)
ICS-CERT: Sielco Sistemi Winlog Buffer Overflow
June 18, 2012 Added by:Infosec Island Admin
ICS-CERT is aware of a public report of a buffer overflow vulnerability with proof-of-concept exploit code affecting Sielco Sistemi Winlog. The vulnerability is exploitable by sending specially crafted requests to TCP/46824 which could result in a denial of service and remote code execution...
Comments (0)
ICS-CERT: xArrow Multiple Vulnerabilities
May 25, 2012 Added by:Infosec Island Admin
Security researcher Luigi Auriemma identified and released four security vulnerabilities, along with proof-of-concept code, in the xArrow software application which may cause a denial-of-service condition or allow an attacker to execute arbitrary code...
Comments (0)
ICS-CERT: Pro-face Pro-Server EX Multiple Vulnerabilities
May 18, 2012 Added by:Infosec Island Admin
The vulnerabilities affecting Pro-face Pro-Server include invalid memory access, buffer overflow, unhandled exception, and memory corruption with proof-of-concept exploit code. According to this report, these vulnerabilities are exploitable via specially crafted packets...
Comments (0)
ICS-CERT: Wonderware Unicode String Vulnerability
May 17, 2012 Added by:Infosec Island Admin
ICS-CERT is aware of a public report identifying an unallocated Unicode string vulnerability with proof-of-concept exploit code that affects the Invensys Wonderware SuiteLink service which could allow an attacker to remotely crash older versions of the service...
Comments (0)
Is ICS-CERT Focused on the Right Issues?
February 21, 2012 Added by:Joe Weiss
Analysis of the incident database shows the most significant events from an impact perspective were control system related - yet they represent only 24 of the 203 advisories ICS-CERT put out in the last year. It appears ICS-CERT is focusing on the less important issues...
Comments (2)
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform
- Mobile Security Processes Could Be Applied to Medical Devices: Bluebox