Category: ICS Weekly Executive Summaries
ICS Summary for Week of September 14
Crafting Modbus Packets Industrial Control Systems (ICS) operate on a different set of protocols from what the public generally uses. These protocols are becoming more integrated into existing infrastructure and now operate more frequently over Internet protocols like TCP/IP. Modbus is a commonly used ICS
ICS Summary for Week of February 2nd
Gemalto Licensing Tool Vulnerability It has come to light this week that vulnerabilities have been found in the Gemalto Sentinel LDK licensing solution, which is advertised as an “out-of-the-box Software Protection, Licensing,and Entitlement Management System” by Gemalto. The product uses a USB token to provide
ICS Summary for Week of January 26th
Trisis (Triton) Overview The Trisis Malware (also referred to as Triton and HatMan) is not a new piece of malware this week. It was discovered last August in a Saudi Arabian oil and gas plant. It targets Schneider Electric Triconex SIS systems (Triconex being where
ICS Summary for Week of October 27, 2017
Critical Vulnerabilities Found in SATCOM Systems Researchers at IOActive have found two critical vulnerabilities in the AmosConnect 8 SATCOM systems. Created by telecommunications company, Inmarsat, the AmosConnect 8 system provides access to e-mail, instant messages, position reporting, crew internet, automatic file transfer, and application integration
ICS Summary for Week of October 20, 2017
SpiderControl MicroBrowser Found Vulnerable ICS-CERT has released an advisory for SpiderControl’s Microbrowser system. Security researcher, Karn Ganeshen, reported a vulnerability in the Swiss-based company’s touch panel operating system that, if exploited, would allow an attacker to execute arbitrary code on the system (ICS-CERT, 2017). SpiderControl
ICS Summary for Week of October 12, 2017
JanTek TCP/IP Converter Vunerabilities Found – No Patch Available Security researcher, Karn Ganeshan, found two vulnerabilities in the JTC-200 TCP/IP converters. The products from Taiwan-based company, JanTek, are primarily used in the Critical Manufacturing sector in Europe and Asia. The vulnerabilities, if exploited could allow
ICS Summary for Week of October 6, 2017
Siemens Data Manager Found Vulnerable ICS-CERT reported this week that security researcher, Maxim Rupp, found a vulnerability in Siemens’ 7KT PAC1200 data manager. This vulnerability allowed a remote attacker to bypass authentication and perform high level administration functions on the exploited device. Siemens has released
ICS Summary for Week of September 22, 2017
SCADA Webserver Found Lacking Proper Authentication A SCADA webserver made by Swiss-based company, iniNet Solutions GmbH, was found to have a critical vulnerability that may allow a malicious attacker to gain access to human-machine interface (HMI) pages without authentication. The third party software is used
ICS Summary for Week of September 14, 2017
Syringe Infusion Pumps Vulnerable to Remote Attacks ICS-CERT has published an advisory detailing eight vulnerabilities found in Medfusion 4000 Wireless Syringe Infusion Pump manufactured by US-based device maker Smiths Medical. These systems are meant to deliver accurate small doses of medication to patients in critical
ICS Summary for Week of September 8, 2017
Dragonfly 2.0: Hackers Targeting Western Energy Sector Symantec has released a report detailing the new activities of the Dragonfly (also known as Crouching Yeti and Energetic Bear) hacking group. This group has been around since at least 2010, but security groups first reported on them