Blog

Honeywell Tridium/Niagra Control Systems Still Vulnerable

June 25, 2014

Researchers said on Tuesday that Niagara control system from Honeywell International Inc's Tridium division remains vulnerable--despite numerous public warnings.

Read More

DHS Warns Of New ICS Attacks Via Shodan

June 25, 2014

LAst Thursday, DHS issued a new warning to Industrial Control System operators on new and increasing threats.

Read More

The Power of Shodan

June 24, 2014

Did you know there are hydrogen fuel cells attached to the Internet? According to one researcher there's a lot more of the Internet of Things that's accessible from the search engine Shodan than first meets the eye.

Read More

Surveillance Camera Surveillance

June 24, 2014

What if you could access the video stream from the inside of a house on the other side of the country? Or a bank office? Or a street corner outside a popular nightclub? What if there was no way for the owner to disable the setting. That's the situation that TrendNet, one of the world's largest supplier of surveillance cameras, found itself in last month.

Read More

Remote SCADA Vulnerabilities Hit Schneider Electric

June 24, 2014

On Monday, a security researcher published new vulnerabilities affecting remote access to the “NOE 771” devices manufactured by Schneider Electrics, one of the world's largest manufacturer of SCADA system devices. The vulnerabilities prompted the ICS-CERT to issue an alert.

Rubén Santamarta (a.k.a. "Reverse Mode"), a 29-year old European-based independent security researcher who previously showed how to hack into the Large Hadron Collider at CERN, said that he was able to attack these devices remotely after first locating vulnerable NOE 771 devices through the SHODAN search engine and then downloading the firmware from Schneider Electric. After reverse engineering the firmware update, Santamarta found he could load a trojanized firmware update, use non-documented hidden accounts, and use other non-documented functionalities. The trouble is in how the devices access remote access commands.

Read More
COMMENTS