January 2018
11.01.2018
US CERT (ICS)
Meltdown and Spectre Vulnerabilities (Update H)
Title
Meltdown and Spectre Vulnerabilities (Update H)
Published
Jan. 11, 2018, 6:51 p.m.
URL
https://ics-cert.us-cert.gov/alerts/ICS-ALERT-18-011-01
Summary
This updated alert is a follow-up to the updated alert titled ICS-ALERT-18-011-01 Meltdown and Spectre Vulnerabilities (Update G) that was published April 27, 2018, on the NCCIC/ICS-CERT website.
11.01.2018
US CERT (ICS)
Meltdown and Spectre Vulnerabilities (Update G)
Title
Meltdown and Spectre Vulnerabilities (Update G)
Published
Jan. 11, 2018, 6:51 p.m.
URL
https://ics-cert.us-cert.gov/alerts/ICS-ALERT-18-011-01
Summary
This updated alert is a follow-up to the updated alert titled ICS-ALERT-18-011-01 Meltdown and Spectre Vulnerabilities (Update F) that was published March 1, 2018, on the NCCIC/ICS-CERT website.
11.01.2018
US CERT (ICS)
Meltdown and Spectre Vulnerabilities (Update F)
Title
Meltdown and Spectre Vulnerabilities (Update F)
Published
Jan. 11, 2018, 6:51 p.m.
URL
https://ics-cert.us-cert.gov/alerts/ICS-ALERT-18-011-01F
Summary
This updated alert is a follow-up to the updated alert titled ICS-ALERT-18-011-01E Meltdown and Spectre Vulnerabilities that was published February 22, 2018, on the NCCIC/ICS-CERT web site.
11.01.2018
US CERT (ICS)
Meltdown and Spectre Vulnerabilities (Update I)
Title
Meltdown and Spectre Vulnerabilities (Update I)
Published
Jan. 11, 2018, 6:51 p.m.
URL
https://ics-cert.us-cert.gov/alerts/ICS-ALERT-18-011-01
Summary
This updated alert is a follow-up to the updated alert titled ICS-ALERT-18-011-01 Meltdown and Spectre Vulnerabilities (Update H) that was published July 10, 2018, on the NCCIC/ICS-CERT website.
11.01.2018
US CERT (ICS)
Meltdown and Spectre Vulnerabilities (Update J)
Title
Meltdown and Spectre Vulnerabilities (Update J)
Published
Jan. 11, 2018, 6:51 p.m.
URL
https://ics-cert.us-cert.gov/alerts/ICS-ALERT-18-011-01
Summary
This updated alert is a follow-up to the updated alert titled ICS-ALERT-18-011-01 Meltdown and Spectre Vulnerabilities (Update I) that was published September 11, 2018, on the NCCIC/ICS-CERT website.
December 2017
07.12.2017
US CERT (ICS)
WAGO PFC200
Title
WAGO PFC200
Published
Dec. 7, 2017, 10:11 p.m.
URL
https://ics-cert.us-cert.gov/alerts/ICS-ALERT-17-341-01
Summary
NCCIC is aware of a public report of an improper authentication vulnerability affecting WAGO PFC200, a Programmable Logic Controller (PLC) device. According to this report, the vulnerability is exploitable by sending a TCP payload on the bound port. This report was released after attempted coordination with WAGO. NCCIC has notified ...
August 2017
04.08.2017
US CERT (ICS)
Eaton ELCSoft Vulnerabilities
Title
Eaton ELCSoft Vulnerabilities
Published
Aug. 4, 2017, 9:11 p.m.
URL
https://ics-cert.us-cert.gov/alerts/ICS-ALERT-17-216-01-0
Summary
NCCIC/ICS-CERT is aware of a public report of buffer overflow vulnerabilities affecting Eaton ELCSoft, a PLC programming software for Eaton Logic Control (ELC) controllers. According to the public report, which was coordinated with ICS-CERT prior to its public release, researcher Ariele Caltabiano (kimiya) working with Trend Micro's Zero Day Initiative, ...
July 2017
28.07.2017
US CERT (ICS)
CAN Bus Standard Vulnerability
Title
CAN Bus Standard Vulnerability
Published
July 28, 2017, 9:34 p.m.
URL
https://ics-cert.us-cert.gov/alerts/ICS-ALERT-17-209-01
Summary
NCCIC/ICS-CERT is aware of a public report of a vulnerability in the Controller Area Network (CAN) Bus standard with proof-of-concept (PoC) exploit code affecting CAN Bus, a broadcast based network standard. According to the public report, which was coordinated with ICS-CERT prior to its public release, researchers Andrea Palanca, Eric ...
25.07.2017
US CERT (ICS)
CRASHOVERRIDE Malware
Title
CRASHOVERRIDE Malware
Published
July 25, 2017, 6:45 p.m.
URL
https://ics-cert.us-cert.gov/alerts/ICS-ALERT-17-206-01
Summary
CRASHOVERRIDE, aka, Industroyer, is the fourth family of malware publically identified as targeting industrial control systems (ICS). It uses a modular design, with payloads that target several industrial communication protocols and are capable of directly controlling switches and circuit breakers. Additional modules include a data-wiping component and a module capable ...
June 2017
30.06.2017
US CERT (ICS)
Petya Malware Variant (Update C)
Title
Petya Malware Variant (Update C)
Published
June 30, 2017, 11:09 p.m.
URL
https://ics-cert.us-cert.gov/alerts/ICS-ALERT-17-181-01C
Summary
This updated alert is a follow-up to the updated alert titled ICS-ALERT-17-181-01B Petya Malware Variant that was published July 5, 2017, on the NCCIC/ICS-CERT web site. ICS-CERT is aware of reports of a variant of the Petya malware that is affecting several countries. ICS-CERT is releasing this alert to enhance ...
May 2017
16.05.2017
US CERT (ICS)
Indicators Associated With WannaCry Ransomware (Update I)
Title
Indicators Associated With WannaCry Ransomware (Update I)
Published
May 16, 2017, 1:16 a.m.
URL
https://ics-cert.us-cert.gov/alerts/ICS-ALERT-17-135-01I
Summary
This updated alert is a follow-up to the updated alert titled ICS-ALERT-17-135-01H Indicators Associated With WannaCry Ransomware that was published May 31, 2017, on the NCCIC/ICS-CERT web site.
April 2017
12.04.2017
US CERT (ICS)
BrickerBot Permanent Denial-of-Service Attack (Update A)
Title
BrickerBot Permanent Denial-of-Service Attack (Update A)
Published
April 12, 2017, 5:02 p.m.
URL
https://ics-cert.us-cert.gov/alerts/ICS-ALERT-17-102-01A
Summary
This updated alert is a follow-up to the original alert titled ICS-ALERT-17-102-01A BrickerBot Permanent Denial-of-Service Attack that was published April 12, 2017, on the NCCIC/ICS-CERT web site. ICS-CERT is aware of open-source reports of “BrickerBot” attacks, which exploit hard-coded passwords in IoT devices in order to cause a permanent denial ...
March 2017
14.03.2017
US CERT (ICS)
MEMS Accelerometer Hardware Design Flaws (Update A)
Title
MEMS Accelerometer Hardware Design Flaws (Update A)
Published
March 14, 2017, 3:10 p.m.
URL
https://ics-cert.us-cert.gov/alerts/ICS-ALERT-17-073-01A
Summary
This updated alert is a follow-up to the original alert titled ICS-ALERT-17-073-01 MEMS Accelerometer Hardware Design Flaws that was published March 14, 2017, on the NCCIC/ICS-CERT web site. ICS-CERT is aware of public reporting of hardware design flaws in some capacitive micro-electromechanical systems (MEMS) accelerometer sensors, which are produced by ...

Last Updates

BOSCH PSIRT
31.10.2024
SIEMENS CERT
12.11.2024
US CERT
08.11.2024
US CERT (ICS)
12.11.2024

By Source

Archive

2024
2023
2022
2021
2020
2019
2018
2017

Feeds