HackDig : Dig high-quality web security articles for hacker

ICS-CERT Issues Warning of CAN Bus Vulnerability

The US ICS-CERT issued an alert in response to a public report of a vulnerability in the Controller Area Network BUS (CAN BUS). On Friday (28th of July), the Industrial Controls Systems Cyber Emergency Team or ICS-CERT, issued an alert in response to a public report of a vulnerability in the Controller Area Network (CAN), Bus standard. The vulnerability deta
Publish At:2017-08-02 13:35 | Read:3363 | Comments:0 | Tags:Breaking News Hacking CAN Bus Vulnerability Car hacking ICS-

Lessons from the Frontlines of Power Utility Attacks

Security experts have been warning companies and policymakers that systems protecting power utilities and other critical infrastructure are vulnerable to cyber attacks. Those intrusions could produce widespread damage, if they proved to be successful.In fact, as reported by Dark Reading, the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT)
Publish At:2016-10-06 12:20 | Read:3380 | Comments:0 | Tags:Featured Articles ICS Security ics ICS-CERT malware power ra

Report: More Than 400 Vulnerabilities Disclosed to ICS-CERT in 2015

A new report published by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) revealed that over 400 vulnerabilities impacting industrial control systems were disclosed to the organization.According to the Annual Vulnerability Coordination Report for the 2015 fiscal year, ICS-CERT published 197 advisories and issued 16 alerts – covering a
Publish At:2016-10-04 23:45 | Read:3587 | Comments:0 | Tags:Latest Security News ics ICS-CERT Industrial Control Systems

ICS-CERT annual vulnerability coordination report 2015, +74% flaws

The US ICS-CERT published its annual vulnerability coordination report for FY 2015 that provided information about security holes reported to the agency. The US ICS-CERT has published its annual vulnerability coordination report for the fiscal year 2015. The report included detailed information about security vulnerabilities reported to the US ICS-CERT in 20
Publish At:2016-10-04 07:20 | Read:4655 | Comments:0 | Tags:Breaking News Reports Security Uncategorized annual vulnerab

Navis WebAccess app used by US Ports is affected by a SQL injection flaw

The Navis WebAccess application used in the transportation sector worldwide is affected by a high severity SQL injection vulnerability. A software used in the US ports is affected by a high severity SQL Injection vulnerability (CVE-2016-5817). The flaw was discovered by a hacker behind the online moniker “bRpsd,” the expert has discovered the vulnerability i
Publish At:2016-08-24 04:45 | Read:3408 | Comments:0 | Tags:Breaking News Hacking Security critical infrastructure ICS-C

Honeywell Patches Vulnerabilities in Its Midas Gas Detectors

Honeywell, an American multinational company that produces consumer and commercial products, aerospace systems, and engineering services, has patched two vulnerabilities in its Midas gas detectors.According to an alert issued by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), the vulnerabilities affect versions 1.13b1 and earlier of
Publish At:2015-12-08 11:00 | Read:3680 | Comments:0 | Tags:Latest Security News Honeywell ics ICS-CERT Midas NERC CIP

Advantech Clears Hard-Coded SSH Keys from EKI Switches

Critical industrial switches used worldwide for automation contained hard-coded SSH keys that put devices and networks at risk.Advantech, a Taiwanese distributor, has developed new firmware for its EKI-122x series of products that remove the hard-coded SSH keys. SSH keys are a means by which computers authenticate one another without the need for a password.
Publish At:2015-11-06 21:50 | Read:2610 | Comments:0 | Tags:Critical Infrastructure Advantech EKI critical infrastructur

Empowering Pipeline SCADA Cybersecurity

Our nation depends heavily on the more than 2.3 million miles of pipelines in the United States that move oil, gas and other liquid products cross country to delivery points, such as airports, refineries, homes, and businesses.At an average of every 40 miles for natural gas pipelines, there are compressor stations that move the gas further along the pipeline
Publish At:2015-11-03 02:40 | Read:8668 | Comments:0 | Tags:Featured Articles ICS Security cybersecurity ICS-CERT malwar

Schneider Patches Plaintext Credentials Bug in Building Automation System

Industrial control manufacturer Schneider Electric has published new firmware for its StruxureWare Building Expert building automation system that patches a remotely exploitable vulnerability.Researcher Artyom Kurbatov discovered that the system transmits user credentials in plaintext between the server and client machines. An advisory from the Industrial Co
Publish At:2015-09-16 21:15 | Read:2423 | Comments:0 | Tags:Critical Infrastructure Privacy Vulnerabilities Web Security

Three Vulnerabilities in SIMATIC HMI Devices Patched by Siemens

Siemens, a leading producer of systems for power generation and transmission as well as medical diagnosis, has patched three vulnerabilities affecting a variety of SIMATIC HMI devices.The multinational technology company was first alerted to the vulnerabilities, among them two Schneider kits and a number of remote and local exploits, by the Quarkslab team an
Publish At:2015-08-31 17:05 | Read:3925 | Comments:0 | Tags:Latest Security News DoS ICS-CERT MITM password Siemens

ICS-CERT warns for 0-Day vulnerabilities in SCADA systems

The ICS-CERT has recently published six security advisories to warn organizations about a number of 0-day flaws in SCADA systems. The ICS-CERT has published six advisories to warn organizations about the presence of Zero-Day Flaws in SCADA Systems. Aditya K. Sood, security researcher at Elastica, has revealed in a talk at the
Publish At:2015-08-18 14:15 | Read:3445 | Comments:0 | Tags:Breaking News Hacking Security 0-day Def Con 2015 HMI ICS-CE

Risky Schneider Electric SCADA Vulnerabilities Remain Unpatched

Vulnerabilities in Schneider Electric SCADA gear remain unpatched close to two weeks after they were disclosed during DEF CON.The Industrial Control System Cyber Emergency Response Team (ICS-CERT) released an alert late last week and patches are currently being validated according to ICS-CERT and researcher Aditya K. Sood, who gave the DEF CON presentation.
Publish At:2015-08-17 19:55 | Read:3384 | Comments:0 | Tags:Critical Infrastructure Web Security Aditya K Sood DEF CON H

Hacking Wireless Ghosts Vulnerable For Years

By Lucas Apa @lucasapaIs the risk associated to a Remote Code Execution vulnerability in an industrial plant the same when it affects the human life? When calculating risk, certain variables and metrics are combined into equations that are rendered as static numbers, so that risk remediation efforts can be prioritized. But such calculations sometimes i
Publish At:2015-07-03 00:00 | Read:4232 | Comments:0 | Tags:apa black hat critical infrastructure Cryptography ekoparty

Researcher found Wind turbines and solar systems vulnerable worldwide

A German security researcher reported hundreds of wind turbines and solar systems wide open to easy exploits worldwide due to the lack of security by design The German researcher Maxim Rupp has discovered numerous security issues in clean energy systems, including solar lighting and wind turbines. The possible consequence of a
Publish At:2015-06-14 14:00 | Read:3989 | Comments:0 | Tags:Breaking News Hacking Security energy ICS-CERT SCADA solar s

Dell report revealed attacks on SCADA system are doubled

A recent report published by Dell revealed a 100 percent increase in the number of attacks on industrial control (SCADA) systems. The new Dell Annual Threat Report revealed that the number of attacks against supervisory control and data acquisition (SCADA) systems doubled in 2014 respect the previous year. Unfortunately, the m
Publish At:2015-04-15 18:35 | Read:3598 | Comments:0 | Tags:Breaking News Hacking Reports Security air-gapped network AP


Share high-quality web security related articles with you:)


Tag Cloud