From Craig S Wright, vice president of Global Institute for Cybersecurity + Research, a look at the use of SCADA systems that are connected to the Internet. You probably remember SCADA from the starring role it played in the Stuxnet worm.
For those who do not know, 747's are big flying Unix hosts. At the time, the engine management system on this particular airline was Solaris based. The patching was well behind and they used telnet as SSH broke the menus and the budget did not extend to fixing this. The engineers could actually access the engine management system of a 747 in route. If issues are noted, they can re-tune the engine in air.
The issue here is that all that separated the engine control systems and the open network was NAT based filters. There were (and as far as I know this is true today), no extrusion controls. They filter incoming traffic, but all outgoing traffic is allowed. For those who engage in Pen Testing and know what a shoveled shell is... I need not say more.
When a computer stops behaving, the solution often involves looking up an obscure command and pasting it into the terminal — even experienced administrators and programmers aren’t immune to this, because remembering the exact syntax for commands you use once every couple years is a choresome task.
Phil Mocek filed a public records request to find out how Seattle’s new smart meters — supplied by Landis and Gyr — will work. As Mocek writes, these meters are based on “unspecified and unverifiable sensors that monitor activity inside of private property and can communicate collected information in real-time to unspecified machines in remote […]
Jared Sinclair developed the RSS reader app Unread, which made $10,000 in its first 24 hours on the iOS market. And we’ve all heard the story of Flappy Bird developer Dong Nguyen, whose creation was reportedly earning $50,000 a day at the height of its 2013 explosion. While those are rare examples, they’re also testament to the […]
If you or your company’s IT system are besieged by black hat cyber attacks, an ethical hacker might be all that stands between crippling damage and a company’s long-term prosperity. It’s no wonder that the market for IT security specialists is exploding. Certification is the key – so learn the tenets of ethical hacking and get […]
Your laptop and mobile devices are top of the line…so why are you trotting out that raggedy decades-old suitcase when you go somewhere? Time to up your travel game with a complete 5-piece Herschel Travel Luggage bundle…and we’ll even give it to you for free!Of course, you’ve got to win the Ultimate Herschel Travel Bundle […]