Honeywell Tridium/Niagra Control Systems Still Vulnerable

By Robert Vamosi | 2/6/13 5:26 AM

Researchers said on Tuesday that Niagara control system from Honeywell International Inc's Tridium division remains vulnerable--despite numerous public warnings.

Read More >

DHS Warns Of New ICS Attacks Via Shodan

By Robert Vamosi | 10/29/12 4:23 AM

LAst Thursday, DHS issued a new warning to Industrial Control System operators on new and increasing threats.

Read More >

The Power of Shodan

By Robert Vamosi | 8/3/12 2:10 AM

Did you know there are hydrogen fuel cells attached to the Internet? According to one researcher there's a lot more of the Internet of Things that's accessible from the search engine Shodan than first meets the eye.

Read More >

Surveillance Camera Surveillance

By Robert Vamosi | 2/8/12 2:07 AM

What if you could access the video stream from the inside of a house on the other side of the country? Or a bank office? Or a street corner outside a popular nightclub? What if there was no way for the owner to disable the setting. That's the situation that TrendNet, one of the world's largest supplier of surveillance cameras, found itself in last month.

Read More >

Remote SCADA Vulnerabilities Hit Schneider Electric

By Robert Vamosi | 12/14/11 4:43 AM

On Monday, a security researcher published new vulnerabilities affecting remote access to the “NOE 771” devices manufactured by Schneider Electrics, one of the world's largest manufacturer of SCADA system devices. The vulnerabilities prompted the ICS-CERT to issue an alert.

Rubén Santamarta (a.k.a. "Reverse Mode"), a 29-year old European-based independent security researcher who previously showed how to hack into the Large Hadron Collider at CERN, said that he was able to attack these devices remotely after first locating vulnerable NOE 771 devices through the SHODAN search engine and then downloading the firmware from Schneider Electric. After reverse engineering the firmware update, Santamarta found he could load a trojanized firmware update, use non-documented hidden accounts, and use other non-documented functionalities. The trouble is in how the devices access remote access commands.

Read More >

Search Engine Serves Up Vulnerable Industrial Systems

By JDavis | 11/9/10 11:52 AM

A new search engine -- one that scans the internet for devices and servers rather than websites -- is making it even easier for hackers and other malicious criminals to find and exploit critical infrastructure and industrial control systems.

Read More >