A summary of recent releases includes:
- Version 1.22 was released on February 27, 2012
- Version 1.21 was released on February 7, 2012
- Version 1.20 was released on December 21, 2012
- Version 1.19 was released on November 8, 2012
Monday, April 22, 2013
Gleg releases Ver 1.23 of the SCADA+ Exploit Pack for Immunity Canvas
Gleg announced this morning (April 22) the release of version 1.23 of the SCADA+ Exploit Pack for the Immunity Canvas framework. This is keeping with their unofficial schedule of continuing to release updates to this exploit pack approximately every month.
A summary of recent releases includes:
A summary of recent releases includes:
Monday, December 24, 2012
Gleg releases Ver 1.20 of the SCADA+ Exploit Pack for Immunity Canvas
In keeping with their previous record of releasing updates on a regular basis, Gleg announced on December 24 the release of version 1.20 of the SCADA+ Exploit Pack for the Immunity Canvas framework.
Version 1.19 was released on November 8, 2012.
Thursday, November 8, 2012
Gleg releases Ver 1.19 of the SCADA+ Exploit Pack for Immunity Canvas
On November 8, reference on the Gleb website indicates that they will be releasing version 1.19 of the SCADA+ Exploit Pack for the Immunity Canvas framework offer by Gleg. On November 9, the Immunity Inc. listserver provided confirmation that the update is now available.
Gleg remains active and devoted to continuing to release SCADA+ Exploit Pack modules on a regular basis, with this release coming just 4 weeks after v1.18!
All of the SCADA exploits included in this release cover 0-day vulnerabilities that have not been previously disclosed, including any published advisories or alerts from ICS-CERT. Both ICS systems included in this release represent reasonable risk to critical infrastructure and manufacturing facilities within the USA.
Gleg remains active and devoted to continuing to release SCADA+ Exploit Pack modules on a regular basis, with this release coming just 4 weeks after v1.18!
All of the SCADA exploits included in this release cover 0-day vulnerabilities that have not been previously disclosed, including any published advisories or alerts from ICS-CERT. Both ICS systems included in this release represent reasonable risk to critical infrastructure and manufacturing facilities within the USA.
Wednesday, October 10, 2012
Gleg releases Ver 1.18 of the SCADA+ Exploit Pack for Immunity Canvas
On October 10, Gleg released version 1.18 of the SCADA+ Exploit Pack for the Immunity Canvas framework, along with a corresponding version 2.17 of the Agora Exploit Pack.
Gleg remains active and devoted to continuing to release SCADA+ Exploit Pack modules on a regular basis, at approximately 4-8 week intervals!
All of the SCADA exploits included in this release cover 0-day vulnerabilities that have not been previously disclosed, including any published advisories or alerts from ICS-CERT. Two of the systems included in this release do not appear to be high-risk to most critical infrastructure and manufacturing facilities within the USA; however, these products do have references within these industries in other countries so due diligence should be performed if you own a potentially vulnerable system. A third system, which is actually one of the leading RTOS used by many embedded devices, could pose elevated risk to ICS users.
Gleg remains active and devoted to continuing to release SCADA+ Exploit Pack modules on a regular basis, at approximately 4-8 week intervals!
All of the SCADA exploits included in this release cover 0-day vulnerabilities that have not been previously disclosed, including any published advisories or alerts from ICS-CERT. Two of the systems included in this release do not appear to be high-risk to most critical infrastructure and manufacturing facilities within the USA; however, these products do have references within these industries in other countries so due diligence should be performed if you own a potentially vulnerable system. A third system, which is actually one of the leading RTOS used by many embedded devices, could pose elevated risk to ICS users.
Thursday, April 5, 2012
What do March Madness and Cyber Security have in common?
(this blog was originally posted by Bryan Owen on the vCampus Blog and is copied here for wider distribution)
OSIsoft User Conference 2012: Cyber Security Line Up
March Madness is a wrap, did your picks do well? You can consider the Pwn2Own competition at CanSecWest as a cyber security version of March Madness.
In continuation of a global trend, this year signaled a change in the 'sport of hacking'. Move over undergrads. Pwn2Own has become a professional contest. It was Vupen's dedicated exploit team versus Google's Chrome security team (both declared victory but Vupen's story won better news coverage).
So yes, cyber security is a team sport. It is complete with talented athletes, coaches, and trainers. Let's not forget the fans, institutions, regulators, media and the rest of the eco system. Do you have PI System security superstars on your team?
I'm very pleased to call out a strong cyber security line up for User Conference 2012:
OSIsoft User Conference 2012: Cyber Security Line Up
March Madness is a wrap, did your picks do well? You can consider the Pwn2Own competition at CanSecWest as a cyber security version of March Madness.
In continuation of a global trend, this year signaled a change in the 'sport of hacking'. Move over undergrads. Pwn2Own has become a professional contest. It was Vupen's dedicated exploit team versus Google's Chrome security team (both declared victory but Vupen's story won better news coverage).
So yes, cyber security is a team sport. It is complete with talented athletes, coaches, and trainers. Let's not forget the fans, institutions, regulators, media and the rest of the eco system. Do you have PI System security superstars on your team?
I'm very pleased to call out a strong cyber security line up for User Conference 2012:
Wednesday, November 30, 2011
Hackers accessed city infrastructure via SCADA
(This article was originally written by Hal Hodsen on November 29, 2011 via Information Age and has been copied here for reference purposes only.)
The deputy assistant director of the FBI's Cyber Division says hackers recently accessed the infrastructure of three cities through SCADA systems
Hackers recently accessed the critical infrastructure of three unnamed cities by compromising their SCADA (supervisory control and data acquisition) systems, the deputy assistant director of the FBI's Cyber Division said today.
The deputy assistant director of the FBI's Cyber Division says hackers recently accessed the infrastructure of three cities through SCADA systems
Hackers recently accessed the critical infrastructure of three unnamed cities by compromising their SCADA (supervisory control and data acquisition) systems, the deputy assistant director of the FBI's Cyber Division said today.
Sunday, November 27, 2011
Gleg releases Ver 1.8 of the SCADA+ Exploit Pack for Immunity Canvas
On November 24, Gleg released version 1.8 of the SCADA+ Exploit Pack for the Immunity Canvas framework, along with a corresponding version 2.7 of the Agora Exploit Pack.
In SCADA+ 1.8 there are modules for several fresh public SCADA/ICS vulnerabilities, most of which were recently disclosed by Luigi Auriemma. Many of these exploits appear to be denial-of-service (DoS) exploits, so this really is not something that I think is worth the money at this time.
In SCADA+ 1.8 there are modules for several fresh public SCADA/ICS vulnerabilities, most of which were recently disclosed by Luigi Auriemma. Many of these exploits appear to be denial-of-service (DoS) exploits, so this really is not something that I think is worth the money at this time.
Subscribe to:
Posts (Atom)