6 C
London
Wednesday, November 22, 2017
Home Tags General Electric

Tag: General Electric

Billions in cost overruns mean power companies, politicians ready to walk away.
New additions to the Predix platform are targeted at energy traders and grid managers.
Boffins turned up hard-coded password in ancient controllers General Electric is pushing patches for protection relay bugs that, if exploited, could open up transmission systems to a grid-scale attack.…
Hajime (meaning ‘beginning’ in Japanese) is an IoT worm that was first mentioned on 16 October 2016 in a public report by RapidityNetworks.
In this blogpost we outline some of the recent ‘improvements’ to Hajime, some techniques that haven’t been made public, and some statistics about infected IoT devices.
After Aliso Canyon leak, state ordered utilities to fund alternatives.
A personalized shoe that can “adjust the strength, durability, and the shape.”
Hiring enough tech talent to facilitate digital transformations typically tops the list of challenges CIOs face.

They could do worse than follow the blueprint crafted by 125-year-old General Electric.The company has lured top tech executives from Ap...
Only a local hacker in a facility would be able to run an attack General Electric (GE) has pushed out an update to its industrial control systems following the discovery of vulnerabilities that create a way for hackers to steal SCADA system passwords. Potential exploits based on the vulnerabilities could be abused to cause process flow disruptions in power stations, utility providers and factories, according to Positive Technologies, the security firm that discovered the flaws. A spokeswoman for GE Digital played down the vulnerabilities, which she said can't be exploited remotely. Only a local hacker in a plant or facility would have been in a position to run an attack, she said, adding that there had been no signs of exploitation. Line-up The CVE-2016-9360 vulnerability (CVSS v3[1] score 6.4) makes it possible for an attacker to have access to legitimate sessions, intercepting user passwords locally.

General Electric's Proficy HMI/SCADA iFIX 5.8 SIM 13[2], Proficy HMI/SCADA CIMPLICITY 9.0[3], Proficy Historian 6.0[4] and their previous versions are vulnerable. Another flaw makes it possible for an attacker or malware with local access to obtain industrial database passwords. iFIX 5.8 (Build 8255) and previous versions are vulnerable. A third vulnerability makes it possible for a local attacker to block the authorisation of the application in the realtime database, either causing a failure at reading and recording history or database inoperability.
Industrial database Proficy Historian Administrator 5.0.195.0 need updating in response to his flaw. Positive Technologies also claimed to have discovered a critical fault in a security mechanism of all three systems related to use of standard passwords at network access authorisation.

This allows remote access to industrial process control, the security firm warns.

GE disputes this saying that the flaws, which were resolved in December, present only a local hack risk. Proficy HMI/SCADA iFIX needs to be updated to version 5.8 SIM 14, Proficy HMI/SCADA CIMPLICITY to version 9.5, and Proficy Historian to version 7.0. The vulnerabilities were reported to GE on July 31, 2015.

The install base of Proficy product family (CIMPLICITY, iFix, Historian) is in the thousands, and they are deployed across multiple industries. An update from ICS-CERT his week explaining the flaws in more detail can be found here. ® Sponsored: Continuous lifecycle London 2017 event.

DevOps, continuous delivery and containerisation. Register now
If you didn't patch, you've probably been p0wned already Attackers are already exploiting a dangerous privileged account creation hole in the Joomla! content management system attempting, with attempts made on about 30,000 sites in the days days after a patch for the flaw landed. The vulnerability, which allows anyone to create privileged accounts on Joomla! sites, was first flagged in a scant Joomla! pre-release notice warning administrators to prepare for a then un-described but critical patch. At the time The Register warned the then mysterious flaw would likely be exploited in the coming days and weeks as the respective patch is reverse-engineered. Those attacks have eventuated faster than we predicted. Sucuri analyst Daniel Cid says the attacks arrived in force three days after patching and were so large that any site that did not apply the patch has likely now been compromised. "Less than 24 hours after the initial disclosure, we started to see tests and small pings on some of our honeypots trying to verify if this vulnerability was present," Cid says, adding attackers unsuccessfully targeted every Joomla site in Sucri's network. "In less than 36 hours after the initial disclosure, we started to see mass exploit attempts across the web. "In fact, because of the sharp increase, it's our belief that any Joomla! site that has not been updated is most likely already compromised." Cid and colleagues were able to reverse-engineer the patch within a "few hours", creating an internal tool that could exploit the vulnerabilities (CVE-2016-8870, CVE-2016-8869) and upload backdoors to affected sites. He says attackers begun immediately probing for user.register tasks and creating unauthorised users. Hours after IP addresses from Romania and Latvia begun mass scanning thousands of sites attempting to create the user db_cfg. Joomla! has been downloaded more than 75 million times and runs on big ticket sites including McDonalds, Ikea, General Electric, Linux.com, and major news sites. WordPress leads the open-source content management pack with some 140 million downloads. "If you have not updated your Joomla site yet, you are likely already compromised," Cid says. The engineer has detailed indicators of compromise administrators can look for to determine if their Joomla! site was attacked. ®
Borked two factor authentication also fixed Joomla! has revealed it's patched twin critical flaws allowing attackers to bypass rules and create elevated privilege accounts. Project staff warned of the looming patch this week asking administrators to pr...
Patch to drop 1400 UTC, Tuesday.

And the haste of its release suggests this is scary The world's second-favourite content management system, Joomla!, is warning of a critical security hole so bad its developers aren't saying what it fixes. The Register understands a patch for the mystery hole will take the name of version 3.6.4 and will be published around 1400 UTC today, October 25th. Joomla! has been downloaded more than 75 million times and runs on big ticket sites including McDonalds, Ikea, General Electric, Linux.com, and major news sites. WordPress leads the open-source content management pack with some 140 million downloads. The Joomla! security strike team says only that it was "informed of a critical security issue in the Joomla! core" which is a "very important security fix". "Until the release is out, please understand that we cannot provide any further information," the security team says. It is difficult to speculate on the possible vulnerability and administrators should take measured steps to prepare for the release of the upcoming patch, rather than hyperventilate. However, Jooma!'s reticence to publish details before patches are issued combined with its description of the bug as critical suggests the problem allows either data siphoning bug or server compromise. If either scenario is thee case, administrators should expect black hats to exploit the flaw as soon as they can build exploits. From there - based on the exploitation historical major vulnerabilities - attacks could spread to compromise Joomla! instances that remain un-patched in the ensuing days and weeks. ®