White Phosphorus Exploit Pack Ver 1.11 Released for Immunity Canvas
Version 1.11 of the White Phosphorus exploit pack is now ready, and contains5 new exploit modules, including one for SCADA. The total number of modules in the pack is now 87, with a mixture of both...
View ArticleGleg releases Ver 1.1 of the SCADA+ Pack for Canvas
Gleg Ltd. annouced the availability of Release 1.1 of the SCADA+ pack for Immunity's Canvas.Here are the details of the release contents:Beckhoff TwinCAT ENI Server v1.1.6.0 (zero day)Iconics...
View ArticleComments on Langner post: "ICS-CERT on Beresford Vulns: Flawed Analysis,...
On August 20, 2011, Ralph Langner posted a very insightful blog on the recent security work of NSS Labs' Dillon Beresford (Twitter @D1N) and the report that ICS-CERT released regarding this research....
View ArticleOffensive Security Releases Backtrack 5 R1
On August 18, Offensive Security released BackTrack 5 R1. This release contains over 120 bug fixes, 30 new tools and 70 tool updates. They plan to roll out new how-to's on their website's wiki in the...
View ArticleGleg releases Version 1.4 of the SCADA+ Pack for Canvas
On July 21, Gleg Ltd. annouced the availability of Release 1.4 of the SCADA+ pack for Immunity's Canvas. This confirms a trend by which Gleg appears to be offering an updated SCADA+ pack about every...
View ArticleGleg releases Ver 1.5 of the SCADA+ Exploit Pack for Immunity Canvas
Today (August 25, 2011), Gleg announced the availability of Version 1.5 of the SCADA+ add-on exploit pack for Immunity's CANVAS exploitation framework (much like the Metasploit Framework). As we have...
View ArticleSecurity researcher Luigi Auriemma again discloses publicly numerous...
On September 13, 2011, Italian Security Research Luigi Auriemma (web site) disclosed a laundry list of vulnerabilities that target six (6) different Industrial Control Systems, including United States...
View ArticleOil and Gas Cyber Security Forum 2011 - London - Nov. 21-22
SCADAhacker is proud to be a key member of the speaker roster at the launch of SMI's inaugural Oil and Gas Cyber Security Forum 2011. This conference takes place in London on November 21-22, bringing...
View ArticleGleg releases Ver 1.6 of the SCADA+ Exploit Pack for Immunity Canvas
On September 26, Gleg released version 1.6 of their SCADA+ exploit pack for Immunity Canvas. This release includes several new modules including many found by Luigi Auriemma. Note that Metasploit has...
View ArticleSCADAhacker to Speak at Information Security Trends Meeting in Columbia
I will be speaking on current issues facing industrial control system (ICS) cyber security issues at the Digiware Information Security Trends Meeting scheduled for October 12, 2011 at the Marriott...
View ArticleClik here to view.
Son of Stuxnet has Surfaced in Europe According to Symantec Report (update 1)
According to a blog posted by Symantec on October 18, and as reported by Homeland Security News Wire on October 19, a research lab with "strong international connections" alerted Symantec to sample...
View ArticleMicrosoft and other AV Vendors offer signatures for W32.Duqu
As recently communicated via the SCADASec forum, Microsoft and others have made available anti-virus signature updates for the W32.Duqu trogan, covering at least three variants. The links below are to...
View ArticleGleg releases Ver 1.7 of the SCADA+ Exploit Pack for Immunity Canvas
On October 20, Gleg released version 1.7 of the SCADA+ Exploit Pack for the Immunity Canvas framework, though this time around, I do not see a lot of unique value in the code updates. Modules of...
View ArticleDoes Anyone Want the Source Code to Stuxnet? Come and Get It!!! (update 1)
After reading report-after-report, blog-after-blog during the past 24 hours, I have decided that rather than comment to each of these individually to offer some additional information which should help...
View ArticleClik here to view.
Duqu: ICS experts weigh in on protecting against zero-day threats - Oct. 25,...
On October 18, 2011, ICS-CERT issued an advisory related to the discovery of new malware – W32.Duqu – targeting industrial control systems. One year after revelations of Stuxnet came to light, the...
View ArticleSCADAhacker to Offer ICS / SCADA "Blue Team" Security Training and Awareness...
Having been involved in the industry for several years, I have realize that there is a lack of specific training to address "how to secure" industrial control systems. There are several very good...
View ArticleSCADAhacker publishes Duqu Reference Page
Based on the success of the Stuxnet Resource Page on SCADAhacker.com, today I launched a similar page consolidating the useful information and material relating to the new "Son of Stuxnet" malware...
View ArticleAre Web Services a Dumb Idea???
I recently read a blog post by Reid Wightman on the @DigitalBond site entitled "When Web Services are a Dumb Idea". It seems that the folks at Digital Bond are on some kind of mission to create a list...
View ArticleUPDATED: Hackers Independently Attack Two Different Water Utility Districts
Updated: November 23, 2011News reports broke on November 18, 2011 (Attack on City Water Station Destroys Pump - Wired) when fellow security specialist Joe Weiss blogged about a report released on...
View ArticleGleg releases Ver 1.8 of the SCADA+ Exploit Pack for Immunity Canvas
On November 24, Gleg released version 1.8 of the SCADA+ Exploit Pack for the Immunity Canvas framework, along with a corresponding version 2.7 of the Agora Exploit Pack.In SCADA+ 1.8 there are modules...
View Article