Hacking Exposed

Recommendations

Info

SCADA: Default Passwords…
2x the 0-days in 2010 MSIE HTML Object Memory Corruption Vulnerability (Jan. 14) CVE-2010-0249 (MS10-002) MSIE Dynamic OBJECT tag and URLMON sniffing Vulnerabilities (Feb. 3) CVE-2010-0255 (MS10-035) Adobe Acrobat, Reader, Remote Code Execution Vulnerability (Feb. 11) – 5 days CVE-2010-0188 (APSB10-07) ALL PLATFORMS MSIE Uninitialized Memory Corruption Vulnerability (Mar. 9) CVE-2010-0806 (MS10-018) Adobe Flash/Reader/Acrobat authplay.dll code execution (June 4) – 24 days* CVE-2010-1297 (APSA10-01) ALL PLATFORMS Windows Shell .lnk Vulnerability (July 16) – 16 days CVE-2010-2568 (MS10-046) – Active exploitation with Stuxnet worm, many more… Apple iPhone/iPad/iPod Code Execution and Sandbox Bypass (Aug. 3) – 8 days CVE-2010-1797/CVE-2010-2972/CVE-2010-2973 – Active exploitation jailbreakme.com Adobe Reader, Acrobat, Remote Control Vulnerability (Sept. 7) – 7 days and counting CVE-2010-2883 (APSA10-02) - Active embedded PDF exploitation ROP to bypass ASLR/DEP
Page 1 and 2: Attacking Infrastructure Hacking Ex
Page 3 and 4: Evolution: Motivation From Vandalis
Page 5: Evolution: Targets From PCs, modems
Page 8 and 9: Myth #10 Critical infrastructure is
Page 10 and 11: SCADA
Page 12 and 13: NIST SP800-82: Communications
Page 14 and 15: NIST SP800-82: Railway
Page 16 and 17: NIST SP800-82: Manufacturing
Page 27 and 28: SANS Diary: SCADA (Aug. 22, 2010)
Page 31 and 32: RTUs/MTUs/PLCs/HMIs/DAS/IED and mor
Page 35 and 36: Automated Teller Machines Processor
Page 37 and 38: Myth #7 Critical infrastructure run
Page 39 and 40: ATMs: Services Running (edited for
Page 41 and 42: Myth #6 These systems are secure (o
Page 43 and 44: Smart Meters: The OFF Switch July 2
Page 45: SCADA: Siemens database default pas
Page 49 and 50: Stuxnet: Under the Hood • Discove
Page 51 and 52: How Stuxnet works… • When the f
Page 53 and 54: Bypassing Detection • Creates the
Page 55 and 56: MRXCLS.SYS 0xF8153747BAE8B4AE48837E
Page 57 and 58: MRXNET.SYS 0x1E17D81979271CFA44D471
Page 59 and 60: Stuxnet: Pilfering… • Connects
Page 61 and 62: Stuxnet: Command and Control (C&C/C
Page 63 and 64: Stuxnet: HELP • Siemens UPDATE -
Page 65 and 66: Myth #5 Because they don’t run st
Page 67 and 68: BlackHat 2010 - Las Vegas, NV
Page 69 and 70: ATMs: Vulnerabilities (Cyber) July
Page 71 and 72: BHO DEMO
Page 73 and 74: Myth #3 Whatever problems exist, th
Page 75 and 76: Public Transportation
Page 77 and 78: Biomed: Implantable Medical Devices
Page 79 and 80: Myth #3 Whatever problems exist, th
Page 81 and 82: DOE report • May 2010 Report from
Page 83 and 84: NERC (Project 2008-06 Cyber Securit
Page 85 and 86: Myth #2 There is nothing we can do
Page 87 and 88: BONUS?
Page 89 and 90: Initial screen (blue pill or red pi
Page 91 and 92: PCAP of ownage - User-Agent values
Page 93 and 94: Owned - now grab Cydia, etc

Hacking Exposed

Create successful ePaper yourself

Delete template?

Save as template?