Information Security

SDG Technologies Plug and Play SCADA XSS Vulnerability

NCCIC/ICS-CERT is aware of a public disclosure of a cross-site scripting vulnerability with proof-of-concept (PoC) exploit code affecting SDG Technologies Plug and Play SCADA, a supervisory control and data acquisition/human-machine interface (SCADA/HMI) product. According to this report, the vulnerability is exploitable by inserting malicious script in the HTML request to web servers. Source: US-CERT ICS Read more about SDG Technologies Plug and Play SCADA XSS Vulnerability[…]

Information Security

Rockwell Automation 1769-L18ER and A LOGIX5318ER Vulnerability (Update A)

This alert update is a follow-up to the original NCCIC/ICS-CERT Alert titled ICS ALERT 15 225-01 Rockwell Automation 1769-L18ER and Logix5318ER Vulnerability that was published August 13, 2015, on the ICS-CERT web page. NCCIC/ICS-CERT is aware of a public report of a cross-site scripting vulnerability with proof-of-concept (PoC) exploit code affecting Rockwell Automation 1769-L18ER/A LOGIX5318ER Read more about Rockwell Automation 1769-L18ER and A LOGIX5318ER Vulnerability (Update A)[…]

Rockwell Automation 1766-L32 Series Vulnerability (Update A)

This alert update is a follow-up to the original NCCIC/ICS-CERT Alert titled ICS ALERT 15 225-02 Rockwell Automation 1766-L32 Series Vulnerability that was published August 13, 2015, on the ICS-CERT web page. NCCIC/ICS-CERT is aware of a public report of a remote file inclusion vulnerability with proof-of-concept (PoC) exploit code affecting Rockwell Automation 1766-L32BWAA/1766-L32BXBA web Read more about Rockwell Automation 1766-L32 Series Vulnerability (Update A)[…]

Information Security

KAKO HMI Hard-coded Password

NCCIC/ICS-CERT is aware of a public report of a hard-coded password vulnerability with proof-of-concept (PoC) exploit code affecting KAKO HMI products. According to this report, the password is easily found in the client code. This report was released before coordination could be completed with the vendor and ICS-CERT. ICS-CERT has notified the affected vendor of Read more about KAKO HMI Hard-coded Password[…]

Schneider Electric Modicon M340 PLC Station P34 Module Vulnerabilities

NCCIC/ICS-CERT is aware of public reports of vulnerabilities with some proof-of-concept (PoC) exploit code affecting several Schneider Electric’s Modicon M340 PLC Station P34 I/O modules. This is a supervisory control and data acquisition/human-machine interface (SCADA/HMI) product. ICS CERT is issuing this alert to provide early notice of the reports and identify baseline mitigations for reducing Read more about Schneider Electric Modicon M340 PLC Station P34 Module Vulnerabilities[…]

£5k Innovation Vouchers up for grabs for Cyber Security Improvements

The UK Government have announced a new scheme to protect small businesses from cyber attacks.   Yesterday, Digital Economy Minister Ed Vaizey outlined a new voucher scheme designed specifically to help small and medium-sized businesses (SMEs) as part of a package of measures to improve the UK’s cyber security resilience.  The package also includes a new online learning and careers hub to help ensure the UK has the cyber skills talent pool to protect both the public and private sectors as we face the reality of increasing cyber threats. […]

New version of OpenSSL to address critical vulnerability out soon

OpenSSL update due soonThe OpenSSL Project team announced on Monday the 6th of July that OpenSSL versions 1.0.2d and 1.0.1p will be released shortly to address a serious security bug.  According to the developers of the popular open-source toolkit for SSL/TLS, OpenSSL 1.0.2d and 1.0.1p will be released on Thursday, July 9, and they will fix a single high severity vulnerability. […]

Zero day to commercial exploit kit in 4 days… how do we weather the cyber security storm?

Cyber Security Storm

Just four days after Adobe Systems patched a vulnerability in Flash Player, a malware researchers spotted a drive-by download attack that was exploiting it to install CryptoWall ransomware on the victim’s computer.  Further research showed that the exploit was added to the commercial exploit kit called Magnitude  and that this has clearly now been adopted by cybercriminals across the world for use in large-scale attacks.    […]

Information Security

Securing your VPN and RDP sessions against attackers

Mandiant have recently published their 2015 M-Trends report which highlights the new attack trends they have identified through their role as security incident first responders over the last year.  It is an interesting and informative report which is worth a read, and can be found here (registration is required, I’m afraid!).  A couple of key points from the report caught my attention, most notably how attackers are exploiting remote access facilities such as VPNs. […]