Friday, November 8, 2013

"Stop the Madness!!!" - Mr. Wonderful, Shark Tank

For those that attended, it was a great week in Rockville at the recent ICSJWG Fall Meeting. I was very much hoping that so many of these "alarmists" who continue to "cry wolf" of these DNP3 vulnerabilities would attend so that we could once and for all resolve some of the issues around how this is being communicated to the broader ICS security community.  Unfortunately, none seemed to show their faces, except for Adam Crain which provided me the opportunity to have a very detailed discussion around these vulnerabilities (unfortunately, the contents of these discussions will remain private).

Tuesday, October 8, 2013

Gleg releases Ver 1.28 of the SCADA+ Exploit Pack for Immunity Canvas

Wow ... they are really providing a steady stream of updates as Gleg announced today (October 8) the release of version 1.28 of the SCADA+ Exploit Pack for the Immunity Canvas framework.

A summary of recent releases includes:
  • Version 1.27 was released on September 6, 2013
  • Version 1.26 was released on August 14, 2013
  • Version 1.25 was released on July 5, 2013
  • Version 1.24 was released on May 14, 2013
  • Version 1.23 was released on April 22, 2013
  • Version 1.22 was released on February 27, 2013
  • Version 1.21 was released on February 7, 2013
  • Version 1.20 was released on December 21, 2012
  • Version 1.19 was released on November 8, 2012

Tuesday, September 17, 2013

Gleg releases Ver 1.27 of the SCADA+ Exploit Pack for Immunity Canvas

Like clockwork, Gleg announced on September 6 the release of version 1.27 of the SCADA+ Exploit Pack for the Immunity Canvas framework.

A summary of recent releases includes:
  • Version 1.26 was released on August 14, 2013
  • Version 1.25 was released on July 5, 2013
  • Version 1.24 was released on May 14, 2013
  • Version 1.23 was released on April 22, 2013
  • Version 1.22 was released on February 27, 2013
  • Version 1.21 was released on February 7, 2013
  • Version 1.20 was released on December 21, 2012
  • Version 1.19 was released on November 8, 2012

Thursday, September 5, 2013

InteVyDis releases Ver 10 of the VulnDisco Exploit Pack for Immunity Canvas with ICS Modules

On September 4, InteVyDis announced version 10.0 of their VulnDisco Exploit Pack for the Immunity Canvas framework.  It appears for the first time that this pack contains ICS modules, including 0-days.


Wednesday, August 14, 2013

Gleg releases Ver 1.26 of the SCADA+ Exploit Pack for Immunity Canvas

Right on schedule with their next release just one month after their previous update ... Gleg announced on August 14 the release of version 1.26 of the SCADA+ Exploit Pack for the Immunity Canvas framework.

A summary of recent releases includes:
  • Version 1.25 was released on July 5, 2013
  • Version 1.24 was released on May 14, 2013
  • Version 1.23 was released on April 22, 2013
  • Version 1.22 was released on February 27, 2013
  • Version 1.21 was released on February 7, 2013
  • Version 1.20 was released on December 21, 2012
  • Version 1.19 was released on November 8, 2012

Thursday, July 11, 2013

Gleg releases Ver 1.25 of the SCADA+ Exploit Pack for Immunity Canvas

Gleg announced on July 5 the release of version 1.25 of the SCADA+ Exploit Pack for the Immunity Canvas framework.  This is keeping with their unofficial schedule of continuing to release updates to this exploit pack approximately every month.

A summary of recent releases includes:
  • Version 1.24 was released on May 14, 2013
  • Version 1.23 was released on April 22, 2013
  • Version 1.22 was released on February 27, 2013
  • Version 1.21 was released on February 7, 2013
  • Version 1.20 was released on December 21, 2012
  • Version 1.19 was released on November 8, 2012

Monday, April 22, 2013

Gleg releases Ver 1.23 of the SCADA+ Exploit Pack for Immunity Canvas

Gleg announced this morning (April 22) the release of version 1.23 of the SCADA+ Exploit Pack for the Immunity Canvas framework.  This is keeping with their unofficial schedule of continuing to release updates to this exploit pack approximately every month.

A summary of recent releases includes:
  • Version 1.22 was released on February 27, 2012
  • Version 1.21 was released on February 7, 2012
  • Version 1.20 was released on December 21, 2012
  • Version 1.19 was released on November 8, 2012
I will provide details of this releases in a subsequent post.