Reversing patches to create exploits is nothing new, and it tends to occupy the time of a lot of security researchers around the 2nd Tuesday of every month, but an interesting research paper was published recently from a few graduate students at CMU, Berkeley, and Pittsburgh that offers a new twist on an old topic. […]

I’m very pleased to announce that Steve Lipner, Microsoft’s Senior Director of Security Engineering Strategy in Trustworthy Computing, is the Day One Keynote at our SCADA Security Scientific Symposium (S4). All physical attendees will also receive a copy of his book, The Security Development Lifecycle. See the full agenda and register.
Steve’s keynote is titled […]

The headline on this blog is hardly shocking, but software quality does not get enough attention in the control system community. We now have three strong data points that show all OPC servers are not created equal.
1. The latest is Landon’s work to verify configuration recommendations in Part III of the OPC Security whitepaper series. […]

Not like it’s a topic that needs any more attention, but I thought I would share some opinions from some attendees who gave me a call right after the talk was over with. Within the first two minutes Ganesh and Tipping Point/3Com revealed that they would not be releasing the tool as it would “make […]

If you pay close attention to the pen-test mailing list you’re probably aware of the LLDP fuzzer that was released a few days ago. The fuzzer is accompanied by a very nice white paper explaining the protocol and the individual test cases.
I looked around for different SCADA devices that support LLDP and only ran […]

Digital Bond is a small, I like to say boutique, SCADA security research and consulting practice. We try to focus on projects that will have a significant and near term positive impact on the SCADA security community. I believe we have a pretty good track record with our SCADA IDS signatures, Nessus plugins, S4 […]

Dale previously blogged about Peter Gutmann’s whitepaper on Vista. Peter’s paper is constantly updated with information regarding Vista and it’s new “features”.
I was wondering if Microsoft would answer to Peter’s whitepaper and maybe comment or correct him on any misnomers. Some of the Microsoft Vista Development team decided to fill in the blanks and do […]

So I know that there are various wrappers for Perl/Ruby/Python (and even Java) for accessing the pcap files created by tcpdump, Ethereal/Wireshark, Snort, and pretty much every sensible out network packet capture tool out there, but having to install just the right version of libpcap on your Windows/OSX/Linux box and hope your distribution, package management […]

This is an interesting topic, and I want to throw in my less technical take.
Network security assessments are appropriate for owners and operators of control systems. Methodologies vary slightly by firm, but network security assessments will typically:

scan the operating systems, common IT applications, and infrastructure systems for known vulnerabilities and missing patches. Most assessors use […]

So last month I blogged on J2EE Application stack complexity and the Protego/CS-MARS advisory yesterday provides a graphic example these issues in a commercial security product:
From the exploit comments (I’ll let you find it yourself)
# Unfortunately, little or no effort was put in to securing the JBoss # installation as per the JBoss community’s recommended […]