On SCADASEC this weekend there was a link to a paper describing: a cost-effective way of equipping educators with hands-on toolkits that can be used in their classrooms as security testing and learning kits. ..in response to this problem space: These insecurities have been perpetuated by technology staff and even educators who are themselves unaware of the […]
Archive | TAC Diary RSS feed for this section
Portable SCADA Security Education Toolkits
Read More 0 Comments
Vulnerability Notice For Siemens S7-1200 Systems
ICS-CERT today posted a vulnerability notice for Siemens S7-1200 systems here: Siemens also has an advisory out, located here. Specifically, these systems run a Certificate Authority (CA) which stores a private key that is accessible to attackers. As users of the product are encouraged to add the CA to their trusted store locally, an attacker […]
Read More 0 Comments
Inventory for Security Success
“You can’t manage what you don’t measure.” Or, in this case, what you don’t inventory. It is common in many audits, assessments and pentests to find insecure devices on the network that no one remembers existing. This issue doesn’t escape control environments and is probably a more frequent finding then on corporate networks (no scientific […]
Read More 0 Comments
State-Sponsored Attack or Script Kiddies?
Critical Infrastructures, like the power grid, undoubtedly have a large target on their proverbial foreheads. The list of possible vulnerabilities are a mile long, the motives for exploitation not too difficult to imagine but what about the threat actors? We often hear about extortion, state-sponsored cyber warfare and even the disgruntled employee out to “stick […]
Read More 0 Comments
RasGas Reports Impact From Virus
RasGas, the 2nd largest LNG producer in the world, is reporting that they’ve been hit with a virus. While there is currently very little public information, news outlets state that impacts include a loss of internet facing services such as email and web presence, as well as office PCs being disrupted. RasGas has stated that […]
Read More 0 Comments
Vulnerability: RuggedCom ROS hardcoded SSL private key
ICS-CERT issued an alert on a hardcoded SSL private key vulnerability discovered by Justin Clarke: http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-234-01.pdf In short, as the private key is known to anyone who has a copy of the RuggedCom Operating System, they can intercept and change any communication to a RuggedCom or OEM’ed device that has this key present. It isn’t […]
Read More 0 Comments
Rise of the Humans and the Problem with Fences
Walking by a farm recently, I got to thinking: How nice it must be to be able to just put up a fence and BOOM! – You have a perimeter that keeps the cows where they should be. Unfortunately for us, it’s a little bit harder. Our competitors aren’t cows. Instead, we have adversaries who have […]
Read More 0 Comments
War of Attrition: HBGary, APT Covert Communications Channels, and “Actionable Intelligence”
I just came across this blog post on HBGary’s website the other day and thought it might be useful to those of us not 100% familiar with the architecture of many attacks these days: http://www.hbgary.com/inside-an-apt-covert-communications-channel (Disclosure: HBGary is a commercial company and is obviously selling something. This is not an endorsement of them or their […]
Read More 0 Comments
Shodanit Yourself: Scans Scans Everywhere Scans
I recently came across a discussion (one of many) between a group of people talking about putting together another Shodan-like engine. A lot of the talk was idle speculation, but then this paper came up: https://factorable.net/weakkeys12.conference.pdf Although the topic wasn’t “scanning the internet”, this paragraph on page 3 was interesting: Host discovery In the first […]
Read More 0 Comments
Executive Order “Leak” is Really Draft HSPD-7 Update (Still interesting!)
Many of you may have seen a reported leak of the cyber “Executive Order” which has been in the news recently to SCADASEC. Unfortunately, this news is untrue. The document, however – a draft of the re-write of HSPD-7 - is still worth looking at. (You can find the leaked draft HERE.) This draft (which has been in […]