HackDig : Dig high-quality web security articles for hacker

Device Security Issues for the Infosec Community to Consider

The issue of device security has once again returned to the forefront in light of the recent botnet attacks that have leveraged CCTV cameras, DVRs and other Internet of Things (IoT) devices. As a community, especially those of us who are CISSPs, it is our responsibility to think several chess moves ahead and to take deeper dives into the investigative questi
Publish At:2016-11-21 11:06 | Read:3311 | Comments:0 | Tags:Featured Articles IT Security and Data Protection DDoS devic

[CRITICAL] CVE-2015-7547: glibc getaddrinfo stack-based buffer overflow

Have you ever been deep in the mines of debugging and suddenly realized that you were staring at something far more interesting than you were expecting? You are not alone! Recently a Google engineer noticed that their SSH client segfaulted every time they tried to connect to a specific host. That engineer filed a ticket to investigate the behavior and after
Publish At:2016-11-20 03:20 | Read:4571 | Comments:0 | Tags:Application Security Cyber Security Cyber Security Research

OnionDog APT targets Critical Infrastructures and Industrial Control Systems (ICS)

The Helios Team at 360 SkyEye Labs revealed that a group named OnionDog has been infiltrating and stealing information from the energy, transportation and other infrastructure industries of Korean-language countries through the Internet. OnionDog’s first activity can be traced back to October, 2013 and in the following two years it was only active between l
Publish At:2016-11-20 03:20 | Read:4633 | Comments:0 | Tags:Critical Infrastructures Cyber Security Cyber Warfare ICS SC

Kemuri Water Company (KWC) | Hackers change chemical settings at water treatment plant

Hackers manipulated the programmable logic controllers that managed the amount of chemicals used to treat the water to make it safe to drink.   NEW YORK — March 23, 2016 — Hackers breached a water company’s industrial control system and made changes to valve and flow control settings, Verizon revealed in its latest Data Breach Digest. The unnamed w
Publish At:2016-11-20 03:20 | Read:7103 | Comments:0 | Tags:Critical Infrastructures Cyber Security ICS SCADA Security U

Physical Backdoor | Remote Root Vulnerability in HID Door Controllers

If you’ve ever been inside an airport, university campus, hospital, government complex, or office building, you’ve probably seen one of HID’s brand of card readers standing guard over a restricted area. HID is one of the world’s largest manufacturers of access control systems and has become a ubiquitous part of many large companies’ physical security postur
Publish At:2016-11-20 03:20 | Read:4495 | Comments:0 | Tags:Critical Infrastructures Cyber Security ICS Physical Securit

How to Approach Cyber Security for Industrial Control Systems

Today’s industrial control systems (ICS) face an array of digital threats. Two in particular stand out. On the one hand, digital attackers are increasingly targeting and succeeding in gaining unauthorized access to industrial organizations. Some actors use malware, while others resort to spear-phishing (or whaling) and other social engineering techniqu
Publish At:2016-11-14 12:05 | Read:2755 | Comments:0 | Tags:Featured Articles ICS Security controllers Cyber endpoints i

SCADA Sssh! Don’t Talk, Filter it

The effects of cyber-attacks against SCADA/ICS are well known, however, there is a great confusion when dealing with mitigation techniques. The Majority are aware of the impact cyber-attacks can have on Industrial Control Systems however, the reality in terms of mitigation techniques are shrouded with confusion and a reactive approach. Recent 0-day vulnerabi
Publish At:2016-11-10 06:35 | Read:4059 | Comments:0 | Tags:Breaking News Hacking Havex ICS Panel Shock SCADA stuxnet ze

CVE-2016-7165 Privilege Escalation flaw affects many Siemens solutions

Siemens released security updates and temporary fixes to fix a privilege escalation flaw, tracked CVE-2016-7165, that affects several industrial products. Siemens has released security updates and temporary fixes to address a privilege escalation vulnerability, tracked CVE-2016-7165, that affects several industrial products. The flaw could be exploited by at
Publish At:2016-11-10 06:35 | Read:2878 | Comments:0 | Tags:Breaking News Hacking Security CVE-2016-7165 ICS SCADA Sieme

How to compromise PLC systems via stealthy Pin control attacks

At the Black Hat Europe 2016 two security researchers devised undetectable attacks that could be used to hack PLC systems avoid being detected. Security researchers at the Black Hat Europe 2016 have presented a new attack method that could be used to hack programmable logic controllers avoid being detected. programmable logic controllers are essential compon
Publish At:2016-11-05 16:35 | Read:3713 | Comments:0 | Tags:Breaking News Hacking ICS malware PLC PLC rootkit SCADA

Passively Pilfering Pages: How Beepers Threaten ICS Security

In today’s interconnected world, malicious actors take no issue in targeting industrial control systems (ICS). Just look at what’s happened in the past two years alone.Actors have sent spear-phishing emails to a number of industrial organizations in the Middle East; gained unauthorized access to a dam in upstate New York; leveraged BlackEnergy ma
Publish At:2016-11-03 07:45 | Read:5557 | Comments:0 | Tags:Featured Articles ICS Security beepers ics Industrial page T

3 ICS Security Incidents that Rocked 2016 and What We Should Learn from Them

Physical and digital systems are increasingly linked together in modern industrial environments like those seen in the United States. While this connectivity automates the management of industrial control systems (ICS), it also means a digital attack against our nation’s critical infrastructure could negatively affect users’ physical health and s
Publish At:2016-11-01 00:45 | Read:4674 | Comments:0 | Tags:Featured Articles ICS Security CISR ics malware NCSAM securi

Experts disclosed a critical flaw in Schneider Industrial Firewalls

CyberX experts at the SecurityWeek’s 2016 ICS Cyber Security Conference disclosed a critical flaw in the Schneider Industrial Firewalls. This week, at the SecurityWeek’s 2016 ICS Cyber Security Conference, researchers at industrial security firm CyberX disclosed several important vulnerabilities. The experts demonstrated how hackers can target ICS systems an
Publish At:2016-10-27 12:25 | Read:3718 | Comments:0 | Tags:Breaking News Hacking firewall ICS PLC SCADA Schneider indus

Kaspersky Lab launched the new Lab ICS-CERT

Kaspersky Lab has launched a new global computer emergency response team (CERT), the Kaspersky Lab ICS-CERT, focusing on industrial control systems (ICS).. Kaspersky has anticipated launching an Industrial Control Systems CERT. Of course, I’m joking, anyway I always sustained that the creation of a similar structure represents an important achievement
Publish At:2016-10-25 23:40 | Read:2595 | Comments:0 | Tags:Breaking News Security CERT cyber threats Hacking ICS Kasper

Two-Thirds of Orgs Don’t Have a Strategy to Protect Their Endpoints, Study Reveals

In the information age, an organization is nothing without its critical endpoints. Those network systems function as the cornerstones of a corporate IT network and, as such, are crucial to maintaining smooth business flow. Without them, a company could suffer fiscal and/or operational consequences.Critical endpoints come in many shapes and sizes. Traditional
Publish At:2016-10-11 01:55 | Read:2841 | Comments:0 | Tags:Off Topic endpoints ics IIoT Internet of Things IoT

Lessons from the Frontlines of Power Utility Attacks

Security experts have been warning companies and policymakers that systems protecting power utilities and other critical infrastructure are vulnerable to cyber attacks. Those intrusions could produce widespread damage, if they proved to be successful.In fact, as reported by Dark Reading, the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT)
Publish At:2016-10-06 12:20 | Read:2823 | Comments:0 | Tags:Featured Articles ICS Security ics ICS-CERT malware power ra

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud