Leaderboard

Nu, o ai aici

Trebuie sa inveti atat teoretic cat si sa lucrezi practic. Da, am vazut multe pareri bune despre acea carte asa ca ti-o recomand. Ulterior poti trece la altele, trebuie sa le iei pe rand. Gasesti documentatie legat de orice pe Internet, trebuie doar sa fii motivat.

Vulnerabilities reminiscent of Stuxnet found in two Schneider Electric products could allow an attacker to gain operation control of a device by intercepting then retransmitting commands. Trustwave’s Global OT/IoT security research team uncovered the flaws in Schneider’s SoMachine Basic v1.6 and Schneider Electric M221, firmware version 1.6.2.0, Programmable Logic Controller (PLC). By exploiting the flaws, a malicious actor could take control of the devices in the same manner operators circa 2005 used the Stuxnet worm to control and ultimately cause Iran’s nuclear centrifuges to destroy themselves. Trustwave analysts were able to use the Schneider Electric vulnerability to intercept, change, then resend commands between the engineering software and the PLC. The second issue is spun off the fact that SoMachine Basic does not perform adequate checks on critical values used in the communications with PLC. If exploited an attacker could potentially be used to send manipulated packets to the PLC, without the software being aware of the manipulation. That’s eerily similar to Stuxnet’s modus operandi, which, according to a 2010 Symantec report, infected one of the Iranian engineering workstations that was being used to manage and control the Siemens Step 7 PLC. Stuxnet infected all the Step 7 projects and side-loaded a malicious dynamic linked library (DLL), which is used by the software to communicate with the PLC. It intercepted and modified all the legitimate packets to the controllers and successfully uploaded malicious logic codes to change the controller behaviors. The malicious library file prevented PLC operators from realizing that the PLCs were compromised. Schneider has patched the SoMachine Basic v1.6 vulnerability and is working on a final mitigation for the second attack. In the meantime the company recommended users block the port on the firewall or disable the protocol. In addition, Trustwave urged organizations to harden the network through micro segmentation and zoning, ensuring that ICS assets and network are monitored for abnormal communications. Via scmagazine.com

Da' si voua va plaaace... . Speed13x , abcd-urs in discutii si exprimari .. @Speed13x prietena ta face misto de tine. Dai o buca si zii sa iti intre-n cont sa stearga filmuletul. O sa te convingi ca nu poate.

Salut, este cineva dispus sa intre in pc-ul cuiva pe windows? Mersi,