News

This is a archive for News.

Wednesday, November 14, 2018 @ 11:11 AM gHale

By Gregory Hale
A connected manufacturing enterprise will garner great benefits for end users, there is no doubt, but in that rush to greater connectivity, one of the underlying forces is it all has to stay secure. “We are in a traditionally conservative industry, but we are seeing the need to be agile and more rapid,” said Blake Moret, chief executive and chairman of Rockwell Automation during his Tuesday keynote address at Automation Perspectives the day before Automation Fair opened up in Philadelphia, PA. “We embrace the need for speed. Using IT technology will help speed the pace of

Wednesday, November 14, 2018 @ 10:11 AM gHale

Siemens has workarounds and mitigations to handle path traversal and open redirect vulnerabilities in its SIMATIC Panels, according to a report by NCCIC. Successful exploitation of these remotely exploitable vulnerabilities, discovered by Hosni Tounsi from Carthage Red Team // Carthage Cyber Services, could allow download of arbitrary files from the device, or allow URL redirections to untrusted websites. RELATED STORIES
SIMATIC IT Production Suite Hole Fixed
SIMATIC STEP 7 TIA Portal Hole Filled
Siemens Clears SIMATIC S7 Vulnerability
Siemens Plugs SCALANCE S Hole Siemens said these vulnerabilities affect the following SIMATIC products:
More

Wednesday, November 14, 2018 @ 10:11 AM gHale

Siemens has a new version to mitigate an improper authentication vulnerability in its SIMATIC IT Production Suite, according to a report with NCCIC. Successful exploitation of this remotely exploitable vulnerability, which Siemens self-reported, could allow an attacker to compromise confidentiality, integrity and availability of the system. RELATED STORIES
SIMATIC STEP 7 TIA Portal Hole Filled
Siemens Clears SIMATIC S7 Vulnerability
Siemens Plugs SCALANCE S Hole
Siemens Fixes SIMATIC Panels, SIMATIC WinCC Siemens reports this vulnerability affects the following products:
• SIMATIC IT LMS all versions
• SIMATIC IT Production Suite:

Wednesday, November 14, 2018 @ 09:11 AM gHale

Siemens has a new version to handle an unprotected storage of credentials hole in its SIMATIC STEP 7 (TIA Portal), according to a report with NCCIC. Successful exploitation of this vulnerability, which Siemens self-reported, could allow an attacker to reconstruct passwords. RELATED STORIES
Siemens Clears SIMATIC S7 Vulnerability
Siemens Plugs SCALANCE S Hole
Siemens Fixes SIMATIC Panels, SIMATIC WinCC
Siemens Mitigates Hole in S7-400 CPUs SIMATIC STEP 7 (TIA Portal): All versions prior to 15.1 suffer from the issue. In the vulnerability, password hashes with insufficient computational effort could allow an attacker

Tuesday, November 13, 2018 @ 08:11 PM gHale

Siemens has updates available to handle a code injection vulnerability in its SIMATIC Panels and SIMATIC WinCC (TIA Portal), according to a report with NCCIC. Successful exploitation of this remotely exploitable vulnerability, which Siemens self-reported, could allow an attacker with network access to the web server to perform a HTTP header injection attack. RELATED STORIES
Siemens Mitigates Hole in S7-400 CPUs
Siemens Clears Improper Access Control Hole
Roche Updates Point of Care Fix
Philips Security Plan for iSite, IntelliSpace PACS
Fr. Sauter Fix for CASE Suite Siemens reports the vulnerability

Tuesday, November 13, 2018 @ 07:11 PM gHale

Siemens has mitigations in place to handle an improper input validation vulnerability in its S7-400 CPUs, according to a report with NCCIC. Successful exploitation of these remotely exploitable vulnerabilities, discovered by CNCERT/CC who reported it to Siemens, could crash the device being accessed which may require a manual reboot or firmware re-image to bring the system back to normal operation. RELATED STORIES
Siemens Clears Improper Access Control Hole
Roche Updates Point of Care Fix
Philips Security Plan for iSite, IntelliSpace PACS
Fr. Sauter Fix for CASE Suite Siemens said vulnerabilities affect the

Tuesday, November 13, 2018 @ 07:11 PM gHale

Siemens released updates to handle an improper access control vulnerability in its IEC 61850 system configurator, DIGSI 5, DIGSI 4, SICAM PAS/PQS, SICAM PQ Analyzer, and SICAM SCC, according to a report with NCCIC. Successful exploitation of this remotely exploitable vulnerability, which Siemens self reported, could allow a remote attacker to exfiltrate limited data from the system or execute code with operating system user permissions. RELATED STORIES
Roche Updates Point of Care Fix
Philips Security Plan for iSite, IntelliSpace PACS
Fr. Sauter Fix for CASE Suite
Charging Station Vulnerability Cleared The following

Tuesday, November 13, 2018 @ 05:11 PM gHale

Just over one month after a ransomware attack hit a North Carolina water utility, few details have emerged. The Onslow Water and Sewer Authority (ONWASA) had its internal computer system, including servers and personal computers, hit by a “sophisticated ransomware attack.” RELATED STORIES
USB Drives Loaded with ICS-Based Malware
Russia Behind Triton Attack: Report
TUG: Safety System Attack ‘Slow Burn’
Lessons Learned One Year After Triton While customer information did not suffer in the in the attack, other databases had to recreated, said Jeffrey Hudson, ONWASA chief executive. The FBI, the Department

Tuesday, November 13, 2018 @ 03:11 PM gHale

Every member of the European Union are a part of the 51 states that pledged their support for an international agreement to set standards on cyberweapons and the use of the Internet. The states signed the “Paris Call for Trust and Security in Cyberspace,” in an effort to fire up a global plan to set standards for things like cyberweapons. RELATED STORIES
USB Drives Loaded with ICS-Based Malware
Russia Behind Triton Attack: Report
TUG: Safety System Attack ‘Slow Burn’
Lessons Learned One Year After Triton Among the notable countries that did not

Friday, November 9, 2018 @ 04:11 PM gHale

A 23-year-old Utah man is facing up to 10 years in prison after pleading guilty to a series of denial-of-service (DoS) attacks against multiple online services, websites, and gaming platforms, federal officials said. Austin Thompson was accused of conducting these attacks between 2013 and 2014, according to the Department of Justice (DoJ). RELATED STORIES
Two Face Stolen Credit Card Charges
Ex-FBI Agent Sent to Slammer
Hacking Suspect Busted after Boasting
Not Guilty Plea in for Aviation Espionage The goal of DoS attacks is to completely shut down a network or a computing