(Originally posted in PC World, March 25 by Jeremy Kirk, IDG News and edited by SCADAhacker)
A Russian security company plans to release an upgraded exploit pack for industrial control software that incorporates a raft of new vulnerabilities released by an Italian security researcher [on March 21].
The three-person company, called Gleg, is based in Moscow and specializes in vulnerability research. It recently began focusing on problems within SCADA (supervisory control and data acquisition) systems, which are used in factories, utilities and many other kinds of industrial applications, said Yuriy Gurkin, Gleg's CEO.
Gleg works with the Miami company Immunity, which sells a tool called Canvas, which is a framework for penetration testers wanting to try out the latest exploits against software vulnerabilities, along the same lines as the Metasploit tool.
Gleg supplies Immunity with exploit packs, which are add-ons with specific kinds of exploits, for Canvas. Gleg's main product is Agora, which integrates with Canvas. Agora is regularly updated with publicly disclosed zero-day, or new, vulnerabilties and those discovered by its research team. [SCADAhacker regularly posts updates when new releases are available to the Agora and SCADA+ exploit packs]
About two weeks ago, Gleg released Agora SCADA+, a new add-on for Canvas, Gurkin said. It contains 27 exploits for SCADA software and will mostly likely have around 35 exploits when an upgrade is released next week, he said.
Gurkin said Gleg is incorporating the exploits written by Luigi Ariemma, who found about 50 vulnerabilities in four SCADA products made by Siemens, Iconics, 7-Technologies and Datac. All four companies had products with remotely exploitable vulnerabilities.
On his website, Ariemma self-published vulnerability details, which were also published on Bugtraq. He did not inform the vendors prior to releasing the information, something that is considered bad form by some in the security community. Officials at two of the vendors -- 7-Technologies and Datac -- said earlier this week they were working on patches.
Gurkin said he believes responsible disclosure practices are out of date.
"We, like Luigi, don't notify vendors," Gurkin said. "This is a waste of time."
However, Gleg's partner Immunity does vet organizations that are interested in buying Canvas to verify they are not going to use the product in a malicious way.
Gurkin said he has seen increasing requests from companies for SCADA audits. "Sometimes our partners who use different SCADA software ask us to check something they have, with terms like 'You give us recommendations, we give you access to the system'," he said.
The high-profile Stuxnet malware has also prompted wider concern, he said. Stuxnet is a worm that was designed to target Siemens' WinCC industrial control software. It was packaged with four zero-day exploits for Microsoft Windows. It is now widely believed that Stuxnet was designed to disrupt Iran's uranium enrichment program.
SCADA software was often not intended to be connected to the Internet, but nonetheless more companies have done that anyway, which poses security risks, Gurkin said. Companies in the SCADA field are also not as open as other software companies about exchanging security tips and knowledge, he said.
A three-month subscription for Agora SCADA+ costs US$2,250, which includes updates to the exploit pack and a single license for the Canvas framework. A one-year subscription costs $5,400 and also comes with one Canvas license.
nice bLog! its interesting. thank you for sharing.... fingerprint access control system
ReplyDeletei love reading this article so beautiful!!great job! Degree Attestation
ReplyDeleteExcellent Information , which you are shared Canada student visa
ReplyDeleteExcellent article. Very interesting to read. I really love to read such a nice article. Thanks! keep rocking. security firms in singapore
ReplyDeleteThank you very much for this useful article. I like it. security firms singapore
ReplyDeleteI am very enjoyed for this blog. Its an informative topic. It help me very much to solve some problems. Its opportunity are so fantastic and working style so speedy. security guard services singapore
ReplyDeleteAdmiring the time and energy you put into your blog and the detailed information you provide. certificate attestation in dubai
ReplyDeleteThank you for sharing gretful information!! British Nursery in Dubai
ReplyDeleteThanks for another wonderful post. Where else could anybody get that type of info in such an ideal way of writing? https://www.tumblr.com/blog/securitycompany11
ReplyDeleteEverything has its value. Thanks for sharing this informative information with us. GOOD works! cambodia security company
ReplyDeleteThanks for taking the time to discuss that, I feel strongly about this and so really like getting to know more on this kind of field. Do you mind updating your blog post with additional insight? It should be really useful for all of us. security company
ReplyDeleteThanks for taking the time to discuss this, I feel strongly about it and love learning more on this topic. https://securityservices518270229.wordpress.com/2022/01/20/how-to-find-the-best-security-services-provider-for-your-cambodian-business/
ReplyDeleteGreat post, and great website. Thanks for the information! security company in cambodia
ReplyDeleteGreat write-up, I am a big believer in commenting on blogs to inform the blog writers know that they’ve added something worthwhile to the world wide web!.. security service in cambodia
ReplyDeleteThanks for the blog loaded with so many information. Stopping by your blog helped me to get what I was looking for. security guard in cambodia
ReplyDeleteThis comment has been removed by the author.
ReplyDeleteThis is such a great resource that you are providing and you give it away for free. I love seeing blog that understand the value of providing a quality resource for free. security company in sihanoukville
ReplyDeleteGreat article Lot's of information to Read...Great Man Keep Posting and update to People..Thanks https://penzu.com/p/2adfc0e9
ReplyDeleteWow! Such an amazing and helpful post this is. I really really love it. It's so good and so awesome. I am just amazed. I hope that you continue to do your work like this in the future also security company phnom penh
ReplyDeleteThanks a lot for sharing this excellent info! I am looking forward to seeing more posts by you as soon as possible! I have judged that you do not compromise on quality. https://d4nielleroy.wixsite.com/my-site/post/the-importance-of-a-security-company-in-sihanoukville
ReplyDeleteThanks for taking the time to discuss this, I feel strongly about it and love learning more on this topic. If possible, as you gain expertise, would you mind updating your blog with extra information? It is extremely helpful for me. security service company in cambodia
ReplyDeleteHello, this weekend is good for me, since this time i am reading this enormous informative article here at my home. cambodian security guard
ReplyDeleteI was surfing the Internet for information and came across your blog. I am impressed by the information you have on this blog. It shows how well you understand this subject. https://security-company21.mystrikingly.com/
ReplyDeleteThis comment has been removed by the author.
ReplyDeleteThis is my first time visit to your blog and I am very interested in the articles that you serve. Provide enough knowledge for me. Thank you for sharing useful and don't forget, keep sharing useful info: security guard sihanoukville
ReplyDeleteWhen your website or blog goes live for the first time, it is exciting. That is until you realize no one but you and your. school security guard company
ReplyDeleteI found that site very usefull and this survey is very cirious, I ' ve never seen a blog that demand a survey for this actions, very curious... cambodian security guard to hire
ReplyDeleteYour article is very good and useful, thank you for sharing. Having found some duplicate contacts backed up on your iCloud and are wondering to delete multiple contacts from iCloud at one? If yes, you are in the right place you can easily delete useless contact from iCloud, I know one article about iCloud contacts, in this article there are some ways to delete contact from iCloud on iPhone, so without wasting time you read this article and delete duplicate contacts and enjoy them.
ReplyDeleteGreat blog. Are you an AFK Arena game player? if yes, if you want to unlock the newest rewards of the arena game. AAFK Arena promo codes will help you to get the premium rewards like Large Crates of Gold, 120 Rare Hero Soulstones and 60 Elite Hero Soulstones, use these rewards and beat all the opponents. For more guidelines, you can visit it.
ReplyDeleteThanks one
ReplyDeleteBest Hospitals In Bahrain