Quantcast
Channel: SCADA Hacking – Digital Bond's ICS Security
Browsing latest articles
Browse All 11 View Live

Image may be NSFW.
Clik here to view.

Redpoint: Schneider/Modicon PLC Enumeration

Our Stephen Hilt released another Project Redpoint script as part of his DerbyCon presentation on Sunday. Modicon-info.nse will identify PLC’s and other Schneider Electric/Modicon devices on the...

View Article


Image may be NSFW.
Clik here to view.

Protocol Differential Analysis

The term Protocol Differential Analysis needs to make Google as an infosec technique.  I first heard the term from esSOBi at Indianapolis’ Circle City Con.  I first encountered the trick, though, in a...

View Article


Image may be NSFW.
Clik here to view.

S4x15 Capture the Flag

This year at S4x15, Digital Bond set out to create an ICS  Capture The Flag, or CTF. Flags were created to simulate real world situations that an attacker would encounter if he targeted an ICS. By the...

View Article

S4x15 Video – Creating Secure ICS Protocols

At S4x14 Adam Crain of Automatak, along with Chris Sistrunk, presented the results of their Project Robus that fuzzed DNP3 stacks and found most had problems with processing malformed or illegal...

View Article

Image may be NSFW.
Clik here to view.

SHAKACON Day 2 & Go/No Go

SHAKACON was a well run and friendly conference with about 300 attendees and high quality talks over 2 days. If you are thinking about it for 2016: GO – If you live in Hawaii. This is a no brainer. The...

View Article


Patching Insecure By Design Zones

My last article made the case that there is only trivial risk reduction in applying security patches to Insecure By Design applications and devices. Now consider the actual risk reduction achieved by...

View Article

So What Should I Bother Patching In My ICS?

My last two articles covered the negligible risk reduction of applying security patches to Insecure By Design Devices and the minimal risk reduction of applying security patches to Insecure By Design...

View Article

Why IRONGATE Is A Big ICS Security Story

We were thrilled to add a session by Rob Caldwell / FireEye to next week’s S4xEurope agenda when we learned in April about the ICS malware they have named IRONGATE. This is the second biggest ICSsec...

View Article


S4xEurope Video: IRONGATE – Technical Deep Dive

We decided to put the IRONGATE video from last week’s S4xEurope out first. There is no new big reveal over the information put out in the FireEye article, but Rob provides a lot of context that makes...

View Article


Serial Killers: Ethernet/Serial Gateways Exposed

One of the nastiest aspects of the attack on the Ukrainian Electric Distribution System was bricking the Moxa Ethernet-to-Serial gateways. Industry insiders have known these little devices were a...

View Article
Browsing latest articles
Browse All 11 View Live