Siemens Patches PLC Vulnerabilities

By Robert Vamosi | 6/20/11 8:01 AM

After a month of back and forth between a vendor and a security researcher, Siemens has patched two of the SCADA vulnerabilities first identified in May by Dillion Breseford. Breseford pulled his talk from TakeDownCon in Dallas after requests from both the vendor and the Department of Homeland Security.

Read More >

More SCADA Vulnerabilities Found

By Robert Vamosi | 5/19/11 5:35 AM

On Wednesday, Dillon Beresford of NSS Labs canceled his talk at TakeDownCon in Dallas, Texas, after concerns that bad actors might use his demonstration to cause physical damage to SCADA facilities worldwide. The next speaker at the conference tweeted that he was up next because the SCADA talk had been cancelled, prompting media speculation of government or vendor censorship. In the past, vendors have sued researchers in order to prevent public disclosure.

Read More >

SCADA Software Vulnerable To Stack Overflows

By Robert Vamosi | 5/13/11 6:43 AM

The US Industrial Control Systems Computer Emergency Response Team (ICS-CERT) is warning of a new stack overflow in an ActiveX control used in Iconics WebHMI, Genesis32, BizViz HMI and SCADA systems.

Read More >