Thursday, August 6, 2015

SCADA with antenna

Sometimes you can meet a SCADA with antenna.
Sometimes it's a old and boring 802.11 Wi-Fi antenna.
Sometimes it's a cool bright new 3G/4G device.


Tuesday, August 4, 2015

A Few Facts on IEC61850 in China

A Few Facts on IEC61850-based Substation Integration & Automation in China by Mr Jim Y Cai, Dr Gao Xiang and Dr. Jun Zha:
- In 2013, 10 000 substations from 35KV to 10000KV with 100% 61850 based IEDs are in operation
- By the end of 2013, there are 893 fully digital substations with process bus are in operation

See you there http://xcon.xfocus.org/

Monday, July 20, 2015

Bootkit via SMS (updated)

Updated slides of Bootkit via SMS research as presented at HITB by Timur Yunusov
and Kirill Nesterov.
New stuff: user tracking, "infection" statistics, suddenly vxWorks.


Monday, May 18, 2015

Friends don't let friends put SCADA on the Internet

New analytic research on ICS components vulnerabilities.

146 137 are online, (at least) 15000 can be hacked by script-kiddie.

Pictures below


Tuesday, May 5, 2015

More news from nowhere

Fixes for Inductive Automation Ignition 7.7.2. Bugs by Evgeny Druzhinin, Alexey Osipov, Ilya Karpov, and Gleb Gritsai. Simple bugs, simple list.
CVE-2015-0976
CVE-2015-0991
CVE-2015-0992
CVE-2015-0993
CVE-2015-0994
CVE-2015-0995

Now or never. CIA vs Schneider Electric

Few bugs in InduSoft Web Studio and InTouch Machine Edition 2014 recently fixed by Schneider Electric were discovered during PHDays Critical Infrastructure Attack challenge. Kudos @alisaesage. For bless you.

Absolutely old-school-community-drive-responsible-disclosure in action. Many emotions left behind..

Enjoy

Tuesday, February 17, 2015