Items Tagged with "ICS-CERT"


7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Sielco Sistemi Winlog Buffer Overflow

June 18, 2012 Added by:Infosec Island Admin

ICS-CERT is aware of a public report of a buffer overflow vulnerability with proof-of-concept exploit code affecting Sielco Sistemi Winlog. The vulnerability is exploitable by sending specially crafted requests to TCP/46824 which could result in a denial of service and remote code execution...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Credential Management

June 13, 2012 Added by:Infosec Island Admin

Credential caching should be disabled on all machines. A common technique employed by attackers is referred to as “pass the hash.” The pass the hash technique uses cached password hashes extracted from a compromised machine to gain access to additional machines on the domain...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Siemens WinCC Multiple Vulnerabilities

June 08, 2012 Added by:Infosec Island Admin

Researchers have identified multiple vulnerabilities in the Siemens WinCC application, and Siemens identified an additional vulnerability, that may allow an attacker to gain unauthorized access, read from, or write to files and settings on the target system...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

sKyWIper-Flame Malware Cryptographic Collision Attack

June 07, 2012 Added by:Infosec Island Admin

The sKyWIper malware uses a new cryptographic collision attack in combination with the terminal server licensing service certificates to sign code as if it came from Microsoft. However, code-signing without performing a collision is also possible. This is an avenue for compromise that may be used by additional attackers..

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Detection and Mitigation Recommendations

June 06, 2012 Added by:Infosec Island Admin

While it might seem reasonable to find and eliminate the intruder on a machine-by-machine basis as compromised hosts are identified, unless the response execution prevents lateral movement of the adversary across the network, the cleanup process will likely not succeed...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Preserving Forensic Data

June 01, 2012 Added by:Infosec Island Admin

Preserving forensic data is an essential aspect of incident response. The data acquired during the process is critical to containing the intrusion and improving security to defend against the next attack. Network defenders should make note of the following recommendations for retention of essential forensic data...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Emerson DeltaV Multiple Vulnerabilities

May 31, 2012 Added by:Infosec Island Admin

Researchers have identified multiple vulnerabilities in the Emerson DeltaV application which can be can be exploited by a remote attacker and could allow denial of service, information disclosure, or remote code execution. Emerson has produced a hotfix that mitigates these vulnerabilities...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: RuggedCom Weak Cryptography for Passwords

May 30, 2012 Added by:Infosec Island Admin

A researcher identified a default backdoor user account with a weak password encryption vulnerability in the RuggedCom Rugged Operating System which could allow an attacker can use a simple publicly available script to generate the default password and gain administrative access to the unit...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Measuresoft ScadaPro DLL Hijack Vulnerability

May 29, 2012 Added by:Infosec Island Admin

Independent researcher Carlos Mario Penagos Hollmann identified a remotely exploitable, uncontrolled search path element vulnerability, commonly referred to as a DLL hijack, in Measuresoft’s ScadaPro application which may lead to arbitrary code execution...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: xArrow Multiple Vulnerabilities

May 25, 2012 Added by:Infosec Island Admin

Security researcher Luigi Auriemma identified and released four security vulnerabilities, along with proof-of-concept code, in the xArrow software application which may cause a denial-of-service condition or allow an attacker to execute arbitrary code...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: SNORT in an ICS Environment

May 23, 2012 Added by:Infosec Island Admin

A major obstacle for ICS security is how to test and deploy security tools in the ICS space. Now, the open-source IT security research community has paired with ICS teams, DHS, NESCO, and other stakeholders to research ICS network threats and produce tools to address them...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: From the Trenches - A Tabletop Exercise

May 22, 2012 Added by:Infosec Island Admin

Incident response is critical. During a real incident, you don’t want to discover major gaps in policy/procedure and/or technology tools. The collaboration that occurs during the exercise helps to understand the roles and responsibilities that each of us have during cyber attacks...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Advantech ISSymbol ActiveX Buffer Overflow

May 21, 2012 Added by:Infosec Island Admin

Researchers have identified multiple buffer overflow vulnerabilities in the Advantech Studio product that could allow an attacker to cause buffer overflows, which in turn can allow arbitrary execution code. An exploit code is known to exist that targets these vulnerabilities...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Pro-face Pro-Server EX Multiple Vulnerabilities

May 18, 2012 Added by:Infosec Island Admin

The vulnerabilities affecting Pro-face Pro-Server include invalid memory access, buffer overflow, unhandled exception, and memory corruption with proof-of-concept exploit code. According to this report, these vulnerabilities are exploitable via specially crafted packets...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Risk Management for the Electricity Sector

May 14, 2012 Added by:Infosec Island Admin

The DOE collaborated with the NIST and NERC to release a second draft of the Electricity Sector Cybersecurity Risk Management Process guideline, designed with the idea that cybersecurity risk management should be driven by the business needs of the company...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Progea Movicon Memory Corruption Vulnerability

May 11, 2012 Added by:Infosec Island Admin

Security researcher Dillon Beresford of IXIA has identified a memory corruption vulnerability in the Progea Movicon application. This vulnerability can be exploited by a remote attacker to read an invalid memory address resulting in a denial of service...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »