Thursday, April 17, 2014

Why "Heartbleed" will only require a Band-Aid in more most ICS installations

(This article was originally posted on ISSSource on April 16, 2014 by Gregory Hale with contributions from Joel Langill)

Heartbleed may need a band aid to fix various small wounds in the industrial control environment, but it surely does not need open heart surgery.

Tuesday, March 18, 2014

Recent development of ICS exploits continues upward trend of security research

In performing my daily rounds on news feeds and websites, I noticed a lot of recent developments in open-source exploit modules targeting industrial control systems. One very important part of a well-rounded ICS Security Management System (IACS-SMS per ISA 62443 terminology) is situational awareness of the actual risks facing industrial systems in terms of both vulnerabilities disclosed and the ease in converting these proof-of-concept (PoC) disclosures into workable exploit modules.

Wednesday, January 22, 2014

Gleg releases Ver 1.31 of the SCADA+ Exploit Pack for Immunity Canvas

Gleg announced last week (January 16) the release of version 1.31 of the SCADA+ Exploit Pack for the Immunity Canvas framework.

A summary of recent releases includes:
  • Version 1.30 was released on December 13, 2013
  • Version 1.29 was released on November 22, 2013
  • Version 1.28 was released on October 7, 2013
  • Version 1.27 was released on September 6, 2013
  • Version 1.26 was released on August 14, 2013
  • Version 1.25 was released on July 5, 2013
  • Version 1.24 was released on May 14, 2013
  • Version 1.23 was released on April 22, 2013
  • Version 1.22 was released on February 27, 2013
  • Version 1.21 was released on February 7, 2013
  • Version 1.20 was released on December 21, 2012
  • Version 1.19 was released on November 8, 2012

Friday, November 8, 2013

"Stop the Madness!!!" - Mr. Wonderful, Shark Tank

For those that attended, it was a great week in Rockville at the recent ICSJWG Fall Meeting. I was very much hoping that so many of these "alarmists" who continue to "cry wolf" of these DNP3 vulnerabilities would attend so that we could once and for all resolve some of the issues around how this is being communicated to the broader ICS security community.  Unfortunately, none seemed to show their faces, except for Adam Crain which provided me the opportunity to have a very detailed discussion around these vulnerabilities (unfortunately, the contents of these discussions will remain private).

Tuesday, October 8, 2013

Gleg releases Ver 1.28 of the SCADA+ Exploit Pack for Immunity Canvas

Wow ... they are really providing a steady stream of updates as Gleg announced today (October 8) the release of version 1.28 of the SCADA+ Exploit Pack for the Immunity Canvas framework.

A summary of recent releases includes:
  • Version 1.27 was released on September 6, 2013
  • Version 1.26 was released on August 14, 2013
  • Version 1.25 was released on July 5, 2013
  • Version 1.24 was released on May 14, 2013
  • Version 1.23 was released on April 22, 2013
  • Version 1.22 was released on February 27, 2013
  • Version 1.21 was released on February 7, 2013
  • Version 1.20 was released on December 21, 2012
  • Version 1.19 was released on November 8, 2012

Tuesday, September 17, 2013

Gleg releases Ver 1.27 of the SCADA+ Exploit Pack for Immunity Canvas

Like clockwork, Gleg announced on September 6 the release of version 1.27 of the SCADA+ Exploit Pack for the Immunity Canvas framework.

A summary of recent releases includes:
  • Version 1.26 was released on August 14, 2013
  • Version 1.25 was released on July 5, 2013
  • Version 1.24 was released on May 14, 2013
  • Version 1.23 was released on April 22, 2013
  • Version 1.22 was released on February 27, 2013
  • Version 1.21 was released on February 7, 2013
  • Version 1.20 was released on December 21, 2012
  • Version 1.19 was released on November 8, 2012

Thursday, September 5, 2013

InteVyDis releases Ver 10 of the VulnDisco Exploit Pack for Immunity Canvas with ICS Modules

On September 4, InteVyDis announced version 10.0 of their VulnDisco Exploit Pack for the Immunity Canvas framework.  It appears for the first time that this pack contains ICS modules, including 0-days.