Security feed

Earlier
Accounts worden vaak beveiligd door middel van een gebruikersnaam en wachtwoord. Deze techniek is al tientallen jaren in gebruik en is de meest voorkomende manier om toegang te krijgen tot een account. Vaak kiest een gebruiker voor simpele wachtwoorden die gemakkelijk te onthouden zijn. Dit maakt het eenvoudig voor kwaadwillenden [...]
Mon, Oct 22, 2018
Source: Nationaal cyber security center
Het NCSC adviseert om de beveiligingsmaatregelen voor netwerkverbindingen op basis van het Remote Desktop Protocol aan te scherpen. Dit advies is gebaseerd op een waarschuwing uitgebracht door het Internet Crime Complaint Center (IC3). [...]
Fri, Oct 05, 2018
Source: Nationaal cyber security center
This updated alert is a follow-up to the updated alert titled ICS-ALERT-18-011-01 Meltdown and Spectre Vulnerabilities (Update I) that was published September 11, 2018, on the NCCIC/ICS-CERT website. [...]
Thu, Jan 11, 2018
Source: ICS CERT
NCCIC is aware of a public report of an improper authentication vulnerability affecting WAGO PFC200, a Programmable Logic Controller (PLC) device. According to this report, the vulnerability is exploitable by sending a TCP payload on the bound port. This report was released after attempted coordination with WAGO. NCCIC has notified [...]
Thu, Dec 07, 2017
Source: ICS CERT
NCCIC/ICS-CERT is aware of a public report of buffer overflow vulnerabilities affecting Eaton ELCSoft, a PLC programming software for Eaton Logic Control (ELC) controllers. According to the public report, which was coordinated with ICS-CERT prior to its public release, researcher Ariele Caltabiano (kimiya) working with Trend Micro's Zero Day Initiative, [...]
Fri, Aug 04, 2017
Source: ICS CERT
NCCIC/ICS-CERT is aware of a public report of a vulnerability in the Controller Area Network (CAN) Bus standard with proof-of-concept (PoC) exploit code affecting CAN Bus, a broadcast based network standard. According to the public report, which was coordinated with ICS-CERT prior to its public release, researchers Andrea Palanca, Eric [...]
Fri, Jul 28, 2017
Source: ICS CERT
CRASHOVERRIDE, aka, Industroyer, is the fourth family of malware publically identified as targeting industrial control systems (ICS). It uses a modular design, with payloads that target several industrial communication protocols and are capable of directly controlling switches and circuit breakers. Additional modules include a data-wiping component and a module capable [...]
Tue, Jul 25, 2017
Source: ICS CERT
This updated alert is a follow-up to the updated alert titled ICS-ALERT-17-181-01B Petya Malware Variant that was published July 5, 2017, on the NCCIC/ICS-CERT web site. ICS-CERT is aware of reports of a variant of the Petya malware that is affecting several countries. ICS-CERT is releasing this alert to enhance [...]
Fri, Jun 30, 2017
Source: ICS CERT
This updated alert is a follow-up to the updated alert titled ICS-ALERT-17-135-01H Indicators Associated With WannaCry Ransomware that was published May 31, 2017, on the NCCIC/ICS-CERT web site. [...]
Mon, May 15, 2017
Source: ICS CERT
This updated alert is a follow-up to the original alert titled ICS-ALERT-17-102-01A BrickerBot Permanent Denial-of-Service Attack that was published April 12, 2017, on the NCCIC/ICS-CERT web site. ICS-CERT is aware of open-source reports of “BrickerBot” attacks, which exploit hard-coded passwords in IoT devices in order to cause a permanent denial [...]
Wed, Apr 12, 2017
Source: ICS CERT


Print pagePDF pageEmail page