Blog

Siemens Patches PLC Vulnerabilities

June 24, 2014

After a month of back and forth between a vendor and a security researcher, Siemens has patched two of the SCADA vulnerabilities first identified in May by Dillion Breseford. Breseford pulled his talk from TakeDownCon in Dallas after requests from both the vendor and the Department of Homeland Security.

Read More

More SCADA Vulnerabilities Found

June 24, 2014

On Wednesday, Dillon Beresford of NSS Labs canceled his talk at TakeDownCon in Dallas, Texas, after concerns that bad actors might use his demonstration to cause physical damage to SCADA facilities worldwide. The next speaker at the conference tweeted that he was up next because the SCADA talk had been cancelled, prompting media speculation of government or vendor censorship. In the past, vendors have sued researchers in order to prevent public disclosure.

Read More

SCADA Software Vulnerable To Stack Overflows

June 24, 2014

The US Industrial Control Systems Computer Emergency Response Team (ICS-CERT) is warning of a new stack overflow in an ActiveX control used in Iconics WebHMI, Genesis32, BizViz HMI and SCADA systems.

Read More
COMMENTS