The Latest in IT Security

Malware Built to Hack Building Automation Systems

16
Jan
2019
Malware Built to Hack Building Automation Systems

prod-green-code-hacker

S4x19 — Miami — Researchers who discovered multiple vulnerabilities in building automation system (BAS) equipment have also constructed proof-of-concept malware to exploit some of those security weaknesses.

Security researcher Elisa Costante and her team at ForeScout last summer created the test malware, a modular design that includes a worm that spreads itself among BAS devices, using intelligence they gathered over the past three years while testing popular BAS systems such as protocol gateways and PLCs for HVACS and access control, for vulnerabilities. During that period, they uncovered ten security flaws, half of which were cross-site scripting (XSS) bugs in their associated Web application interfaces, as well as privilege escalation and buffer overflow vulnerabilities.

Read More

Leave a reply


Categories

TUESDAY, JUNE 25, 2019
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments

Social Networks