Submitted by Eric Byres on Thu, 2011-08-04 15:07
My optimism regarding Siemens and its approach to SCADA/ICS security has just taken another big hit. There are major security problems at Siemens and they are not close to fixing them.
I am embarrassed I gave them such high marks in my previous blogs.
Submitted by Eric Byres on Mon, 2011-06-13 16:24
Over the past week, I have been digging into the Siemens S7 PLC vulnerabilities that were discovered by Dillon Beresford at NSS Labs in May. In the first blog article, I analyzed the contradictory information being circulated in an attempt to scrape out a few facts and guesses on what PLC products are actually affected and what the nature of the vulnerabilities are.
Submitted by Eric Byres on Fri, 2011-06-10 16:24
In my previous blog, I analyzed the contradictory information being circulated regarding the Siemens S7 PLC vulnerabilities that were discovered by Dillon Beresford at NSS Labs in May. By studying the various Siemens and NSS notices, we were able to scrape out a few facts.
Submitted by Eric Byres on Thu, 2011-06-09 14:32
The recent news that Dillon Beresford at NSS Labs had discovered somewhere between four and six serious vulnerabilities in the Siemens S7 PLC product has created quite a storm of news and concern for critical asset owners. Unfortunately, information on the range and severity of the vulnerabilities has been contradictory.